Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integration test suite for Custom Networking + Security Groups for Pods #2818

Merged
merged 1 commit into from
Mar 13, 2024
Merged

Integration test suite for Custom Networking + Security Groups for Pods #2818

merged 1 commit into from
Mar 13, 2024

Conversation

jdn5126
Copy link
Contributor

@jdn5126 jdn5126 commented Feb 29, 2024
edited
Loading

What type of PR is this?
testing

Which issue does this PR fix?:

N/A

What does this PR do / Why do we need it?:
This PR adds a new integration test suite: custom_networking_sgpp. This suite validates the combination of Custom Networking and Security Groups for Pods. The test cases are copied primarily from the pod_eni test suite. An additional test case is added to validate the Security Group assigned to the trunk ENI in this operating mode following #2792.

There is one TODO in this test suite, and that is to clone the cluster Security Group to the Security Group specified in the ENIConfig. Currently, the Custom Networking Security Group just allows all traffic.

Testing done on this change:
Verified that test suite passes.
image

Will this PR introduce any new dependencies?:
No

Will this break upgrades or downgrades? Has updating a running cluster been tested?:
No, Yes

Does this change require updates to the CNI daemonset config files to work?:
No

Does this PR introduce any user-facing change?:
No

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@jdn5126 jdn5126 requested a review from a team as a code owner February 29, 2024 16:56
@jdn5126 jdn5126 mentioned this pull request Feb 29, 2024
Closed
@jdn5126 jdn5126 force-pushed the sgpp_and_cn branch 3 times, most recently from b7ed952 to cc88f6b Compare March 5, 2024 15:56
haouc
haouc approved these changes Mar 13, 2024
View reviewed changes
Copy link
Contributor

@haouc haouc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@haouc
Copy link
Contributor

haouc commented Mar 13, 2024

This PR has changes all in test suite and failed PR action is on vulns check. I will raise another PR to mitigate CVEs.

@haouc haouc merged commit ac3fa94 into aws:master Mar 13, 2024
5 of 6 checks passed
@jdn5126 jdn5126 deleted the sgpp_and_cn branch March 14, 2024 14:29
@eks-networking-bot eks-networking-bot mentioned this pull request Apr 2, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haouc haouc haouc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jdn5126 @haouc