Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add flag enable-policy-event-logs #48

Merged
merged 4 commits into from
Sep 15, 2023
Merged

feat: Add flag enable-policy-event-logs #48

merged 4 commits into from
Sep 15, 2023

Conversation

mycrEEpy
Copy link
Contributor

@mycrEEpy mycrEEpy commented Sep 2, 2023

Issue #, if available: #47

Description of changes:
Add flag enable-policy-event-logs to disable event logging due to high cost of one full CPU core on each node.
Policy event logging is also now disabled by default.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

mycrEEpy
mycrEEpy commented Sep 2, 2023
View reviewed changes
pkg/ebpf/events/events.go
"Proto", protocol, "Verdict", verdict)

message = "Node: " + nodeName + ";" + "SIP: " + utils.ConvByteArrayToIP(rb.SourceIP) + ";" + "SPORT: " + strconv.Itoa(int(rb.SourcePort)) + ";" + "DIP: " + utils.ConvByteArrayToIP(rb.DestIP) + ";" + "DPORT: " + strconv.Itoa(int(rb.DestPort)) + ";" + "PROTOCOL: " + protocol + ";" + "PolicyVerdict: " + verdict
for record := range ringbufferdata {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also changed this line to wait for data from the channel instead of dead spinning the CPU in the for loop.

@mycrEEpy mycrEEpy mentioned this pull request Sep 5, 2023
Closed
@jayanthvn
Copy link
Contributor

I have triggered the build and test. Thanks for the PR.

achevuru
achevuru reviewed Sep 7, 2023
View reviewed changes
pkg/config/controller_config.go
@@ -39,7 +42,8 @@ func (cfg *ControllerConfig) BindFlags(fs *pflag.FlagSet) {
"Set the controller log file - if not specified logs are written to stdout")
fs.IntVar(&cfg.MaxConcurrentReconciles, flagMaxConcurrentReconciles, defaultMaxConcurrentReconciles, ""+
"Maximum number of concurrent reconcile loops")
fs.BoolVar(&cfg.EnableCloudWatchLogs, flagEnableCloudWatchLogs, false, "If enabled, policy decision logs will be streamed to CloudWatch")
fs.BoolVar(&cfg.EnablePolicyEventLogs, flagEnablePolicyEventLogs, false, "If enabled, policy decision logs will be collected & logged")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Flow specific logs will be rather useful for debugging. Since this is an initial release, will be helpful to have it turned on by default for the first few releases. It should only log an entry per flow and not per packet (for accepted flows). Obviously, this change allows an user to turn it off if it becomes too verbose for them..

Copy link
Contributor Author

@mycrEEpy mycrEEpy Sep 7, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The problem with turning it on by default is not the amount of logs being produced, but the fact that the busy loop which is collecting the decision logs is consuming a full CPU core on every node. From a users point of view this is unexpected and undesired default behavior.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for the delay. We had some internal discussions on what the default should be for this flag and we agreed on disabling this by default considering the agent runs as a daemonset. So, we should be good with the current PR. We will look to enable it by default, once we find a way to optimize the CPU usage. Thanks for the PR.

@jayanthvn jayanthvn added this to the v1.0.3 milestone Sep 12, 2023
@achevuru
Copy link
Contributor

Can you help rebase the PR?

@achevuru achevuru self-requested a review September 13, 2023 18:26
@mycrEEpy
Copy link
Contributor Author

Can you help rebase the PR?

I've rebased onto main.

@jayanthvn
Copy link
Contributor

We need to block init of Ring buffer and epoll... I will take up post merge of this PR.

@achevuru achevuru merged commit a2760c2 into aws:main Sep 15, 2023
2 checks passed
achevuru added a commit that referenced this pull request Sep 26, 2023
@achevuru @jayanthvn
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot
Merge from main (#76)
a58f148 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
achevuru added a commit that referenced this pull request Oct 4, 2023
@achevuru @jayanthvn
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot
Merge main to release-1.0 (#88)
0546aac 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@mycrEEpy mycrEEpy deleted the disable-policy-logs branch October 13, 2023 20:55
achevuru added a commit that referenced this pull request Oct 25, 2023
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126
Sync Main with Release 1.0 (#111)
af760b7 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
jayanthvn added a commit that referenced this pull request Nov 13, 2023
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126 @haouc
Release 1.0 merge from main (#136)
9467d83 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

* Handle for controller not adding prefix lens (#113)

* Update pr-tests.yaml

* Minor fix for missing prefixlens

* Refactor

* Minor refactor (#116)

* Update pr-tests.yaml

* Minor refactor

* README Update (#117)

* Update issue templates (#121)

* add more checks in pr actions

* Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#126)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.5 (#134)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.45.19 to 1.47.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.45.19...v1.47.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#123)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.2 to 0.28.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.2...v0.28.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#122)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack cleanup issue with v1.0.5 (#133)

* Conntrack cleanup issue with v1.0.5

* Minor changes

* Index with owner

* Add padding for v6

* Upgrade SDK

* CLI update

* minor change

* Update mod

* Remove print

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Hao Zhou <haouc@users.noreply.github.com>
jayanthvn added a commit that referenced this pull request Nov 24, 2023
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126 @haouc
Merge main to Release 1.0 (#147)
c1913d6 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

* Handle for controller not adding prefix lens (#113)

* Update pr-tests.yaml

* Minor fix for missing prefixlens

* Refactor

* Minor refactor (#116)

* Update pr-tests.yaml

* Minor refactor

* README Update (#117)

* Update issue templates (#121)

* add more checks in pr actions

* Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#126)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.5 (#134)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.45.19 to 1.47.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.45.19...v1.47.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#123)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.2 to 0.28.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.2...v0.28.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#122)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack cleanup issue with v1.0.5 (#133)

* Conntrack cleanup issue with v1.0.5

* Minor changes

* Index with owner

* Add padding for v6

* Upgrade SDK

* CLI update

* minor change

* force vulns check to use specified go patch version (#137)

* Updating the expected results for known flaky test cases

* Memory corruption (#142)

* Merge extra call

* remove unwanted prints

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Hao Zhou <haouc@users.noreply.github.com>
achevuru added a commit that referenced this pull request Dec 6, 2023
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126 @haouc
Merge Main to Release 1.0 (#161)
65468e0 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

* Handle for controller not adding prefix lens (#113)

* Update pr-tests.yaml

* Minor fix for missing prefixlens

* Refactor

* Minor refactor (#116)

* Update pr-tests.yaml

* Minor refactor

* README Update (#117)

* Update issue templates (#121)

* add more checks in pr actions

* Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#126)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.5 (#134)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.45.19 to 1.47.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.45.19...v1.47.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#123)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.2 to 0.28.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.2...v0.28.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#122)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack cleanup issue with v1.0.5 (#133)

* Conntrack cleanup issue with v1.0.5

* Minor changes

* Index with owner

* Add padding for v6

* Upgrade SDK

* CLI update

* minor change

* force vulns check to use specified go patch version (#137)

* Updating the expected results for known flaky test cases

* Memory corruption (#142)

* Bump github.com/google/uuid from 1.3.1 to 1.4.0 (#157)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#156)

Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.9 to 0.6.0.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.5.9...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#154)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 (#153)

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.3 to 0.28.4 (#155)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.3 to 0.28.4.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.3...v0.28.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack enhancements (#151)

* Env fix

* Move to flag

* Cleanup

* Log line for debugs

* minor update

* Ignore PE slices tied to same NP during Clean up flow (#159)

* Ignore PE slices tied to same NP during Clean up flow

* Format changes

* UT fix

---------

Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>

* CLI changes (#152)

* CLI changes

* Utils

* Upgrade SDK

* Upgrade sdk

* Merge main to rel-1.0

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Hao Zhou <haouc@users.noreply.github.com>
achevuru added a commit that referenced this pull request Feb 2, 2024
@jayanthvn @achevuru
@geoffcline @jaydeokar @rxnew @mycrEEpy @kareem-rady @dependabot @jdn5126 @haouc
Merge main to Release 1.0 (#201)
c33424e 
* Move to mainline sdk changes (#25)

* Reuse eBPF SDK Client (#26)

* Code refactoring - Sync to SDK's new API interface (#27)

* Additional UTs for eBPF pkg (#29)

* Additional UTs for eBPF pkg

* UT for Global Map recovery flow

* format changes

* Events refactor (#30)

* Remove replace and add comments

* Minor refactor

* Update AL2023 image

* vmlinux generation

* update readme (#31)

* Third party attribution doc (#32)

* Thirdparty attribution doc

* Minor nits

* minor nit

* README Updates (#34)

* Update README.md (#35)

* Update go.mod and go.sum for master (#38)

* Update go.mod and go.sum

docker/make file changes

* fix up vet

* Run Conformance and Performance tests with github actions (#5)

* Updated conformance and performance test parameters (#39)

* Fix problem with policy not being applied to pods on IPv6 nodes (#40)

* Update the session duration to 5 hrs for github actions (#53)

* Update scripts to run cyclonus suite and install latest MAO

* Handle 0 entries in cli (#60)

* Update test pkg (#61)

* Ignore policy restrictions against Node IP (#65)

* feat: Add flag enable-policy-event-logs (#48)

* feat: Add flag enable-policy-event-logs

Policy event logging is now disabled by default

* feat: Add enable-policy-event-logs flag to readme

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Issue#45 Modified Default Metrics Bind Port (#46)

* Issue#45 Modified Default Metrics Bind Port

* Modified Health Probe Bind address to 8163

---------

Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#43)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Bump github.com/vishvananda/netlink (#42)

Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.1-0.20210330154013-f5de75959ad5 to 1.2.1-beta.2.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/commits/v1.2.1-beta.2)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add update image script and make targets (#59)

* Fixes to cyclonus test script (#69)

* Remove KUBECONFIG environment variable from cyclonus test script

* With catchALL honor "except" (#58)

* Honor except with catchALL

* PR feedback

* Remove unnecessary header files (#71)

* Return exit status if test verification fails

* V6 Optimizations (#80)

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.13.4 to 1.15.0 (#82)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.13.4 to 1.15.0.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.13.4...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Honor V6 Elf file updates (#84)

* Build latest image with conformance tests (#85)

* Create a github action to build multi-arch docker image

* Update credentials action to v3

* Log rotate support (#87)

* Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#81)

Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Race condition with init and cw setup (#93)

* Bump golang.org/x/net from 0.12.0 to 0.17.0 (#95)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.17.0.
- [Commits](golang/net@v0.12.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* upgrade Go to 1.21.3 and upgrade dependencies

* Fix conntrack issue and increase supported port/protocol  (#102)

* Fix conntrack

* Update events

* Pull test images from internal test infra accounts (#79)

* Pull test images from internal test infra accounts

* Test with ARM nodes in e2e conformance tests

* Handle PolicyEndpoint split scenario when the target pods are paired … (#106)

* Handle PolicyEndpoint split scenario when the target pods are paired with empty ingress/egress rules

* Fix UT

* inherit firewall rules from larger cidrs (#104)

* Update /m

* format

* Len changes

---------

Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>

* Update pr-tests.yaml (#112)

* Handle for controller not adding prefix lens (#113)

* Update pr-tests.yaml

* Minor fix for missing prefixlens

* Refactor

* Minor refactor (#116)

* Update pr-tests.yaml

* Minor refactor

* README Update (#117)

* Update issue templates (#121)

* add more checks in pr actions

* Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#126)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.5 (#134)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.45.19 to 1.47.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.45.19...v1.47.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.2 to 0.28.3 (#123)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.2 to 0.28.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.2...v0.28.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#122)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.16.2...v0.16.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack cleanup issue with v1.0.5 (#133)

* Conntrack cleanup issue with v1.0.5

* Minor changes

* Index with owner

* Add padding for v6

* Upgrade SDK

* CLI update

* minor change

* force vulns check to use specified go patch version (#137)

* Updating the expected results for known flaky test cases

* Memory corruption (#142)

* Bump github.com/google/uuid from 1.3.1 to 1.4.0 (#157)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#156)

Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.9 to 0.6.0.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.5.9...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#154)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.7.0...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 (#153)

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.28.3 to 0.28.4 (#155)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.3 to 0.28.4.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.3...v0.28.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Conntrack enhancements (#151)

* Env fix

* Move to flag

* Cleanup

* Log line for debugs

* minor update

* Ignore PE slices tied to same NP during Clean up flow (#159)

* Ignore PE slices tied to same NP during Clean up flow

* Format changes

* UT fix

---------

Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>

* CLI changes (#152)

* CLI changes

* Utils

* Upgrade SDK

* Upgrade sdk

* Update builder image to latest golang version

* fix logger error; remove version log

* Add workflow to run manual e2e tests on specific instance type (#148)

* Add region parameter to describe instances

* Add prefix to identify log stream for network policy events (#178)

* Bump github.com/go-logr/logr from 1.3.0 to 1.4.1

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.3.0 to 1.4.1.
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.3.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/client-go from 0.28.4 to 0.29.0

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.28.4 to 0.29.0.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.4...v0.29.0)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Log the to be deleted conntrack entries in readable format

* dependabot updates

* Handle replica and VIP (#179)

* Check the new addon versions in the right regions

* Update CI scripts to the test on latest available k8s cluster

* Bump github.com/aws/amazon-vpc-cni-k8s from 1.16.0 to 1.16.2 (#196)

Bumps [github.com/aws/amazon-vpc-cni-k8s](https://github.com/aws/amazon-vpc-cni-k8s) from 1.16.0 to 1.16.2.
- [Release notes](https://github.com/aws/amazon-vpc-cni-k8s/releases)
- [Changelog](https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.2/CHANGELOG.md)
- [Commits](aws/amazon-vpc-cni-k8s@v1.16.0...v1.16.2)

---
updated-dependencies:
- dependency-name: github.com/aws/amazon-vpc-cni-k8s
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.49.13 to 1.50.9 (#199)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.49.13 to 1.50.9.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](aws/aws-sdk-go@v1.49.13...v1.50.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/apimachinery from 0.29.0 to 0.29.1 (#197)

Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.29.0 to 0.29.1.
- [Commits](kubernetes/apimachinery@v0.29.0...v0.29.1)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump golang.org/x/sys from 0.15.0 to 0.16.0 (#195)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.15.0 to 0.16.0.
- [Commits](golang/sys@v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump k8s.io/client-go from 0.29.0 to 0.29.1 (#194)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.29.0 to 0.29.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.29.0...v0.29.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Handle PE split cleanup and duplicate l4info (#185)

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Apurup Chevuru <60630804+achevuru@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: K.Hoshi <rxnew.axdseuan@gmail.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tobias Germer <bvrcreepyx@hotmail.de>
Co-authored-by: Kareem Rady <82394457+kareem-rady@users.noreply.github.com>
Co-authored-by: Kareem Rady <kareemrady@KR-MBA.local>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeff Nelson <jdnelson@amazon.com>
Co-authored-by: Jeffrey Nelson <jdn5126@gmail.com>
Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Hao Zhou <haouc@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@achevuru achevuru achevuru approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.0.4
Development

Successfully merging this pull request may close these issues.
3 participants
@mycrEEpy @jayanthvn @achevuru