From 55f2a4a6030fcd1092fef63ab6c3994b5975f956 Mon Sep 17 00:00:00 2001 From: Jacques I Massa Date: Thu, 30 Jan 2025 08:32:18 -0500 Subject: [PATCH 1/2] fix(version-upgrade): Upgrade Hubble Version to 1.16.6 (#1284) # Description Please provide a brief description of the changes made in this pull request. Upgrade Hubble version to 1.16.6 to remediate vulnerability. ## Related Issue If this pull request is related to any issue, please mention it here. Additionally, make sure that the issue is assigned to you before submitting this pull request. ## Checklist - [x] I have read the [contributing documentation](https://retina.sh/docs/contributing). - [x] I signed and signed-off the commits (`git commit -S -s ...`). See [this documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) on signing commits. - [x] I have correctly attributed the author(s) of the code. - [x] I have tested the changes locally. - [x] I have followed the project's style guidelines. - [x] I have updated the documentation, if necessary. - [x] I have added tests, if applicable. ## Screenshots (if applicable) or Testing Completed ![image](https://github.com/user-attachments/assets/69d6fc80-cf1c-4af1-802f-da78f30eb9d5) Please add any relevant screenshots or GIFs to showcase the changes made. ## Additional Notes Add any additional notes or context about the pull request here. --- Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more information on how to contribute to this project. --- Makefile | 2 +- controller/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index ec885bcfac..088dec0cba 100644 --- a/Makefile +++ b/Makefile @@ -35,7 +35,7 @@ PLATFORM ?= $(OS)/$(ARCH) PLATFORMS ?= linux/amd64 linux/arm64 windows/amd64 OS_VERSION ?= ltsc2019 -HUBBLE_VERSION ?= v1.16.5 # This may be modified via the update-hubble GitHub Action +HUBBLE_VERSION ?= v1.16.6 # This may be modified via the update-hubble GitHub Action CONTAINER_BUILDER ?= docker CONTAINER_RUNTIME ?= docker diff --git a/controller/Dockerfile b/controller/Dockerfile index a8ae7f8e6e..6b7d78041f 100644 --- a/controller/Dockerfile +++ b/controller/Dockerfile @@ -99,7 +99,7 @@ RUN arr="clang tcpdump ip ss iptables-legacy iptables-legacy-save iptables-nft i ARG GOARCH=amd64 ENV HUBBLE_ARCH=${GOARCH} # ARG HUBBLE_VERSION may be modified via the update-hubble GitHub Action -ARG HUBBLE_VERSION=v1.16.5 +ARG HUBBLE_VERSION=v1.16.6 ENV HUBBLE_VERSION=${HUBBLE_VERSION} RUN echo "Hubble version: $HUBBLE_VERSION" && \ wget --no-check-certificate https://github.com/cilium/hubble/releases/download/$HUBBLE_VERSION/hubble-linux-${HUBBLE_ARCH}.tar.gz && \ From 20d1efdf316384cf24f6c4c81703d64063f62da9 Mon Sep 17 00:00:00 2001 From: Ritwik Ranjan Date: Thu, 30 Jan 2025 05:35:18 -0800 Subject: [PATCH 2/2] feat: add advanced retina performance test workflows (#1264) # Description This pull request includes changes to the GitHub Actions workflows to add a new advanced performance test and rename the existing performance test to basic performance test. The changes affect both the `.github/workflows/images.yaml` and `.github/workflows/perf.yaml` files. The most important changes include: ### Workflow updates: * [`.github/workflows/images.yaml`](diffhunk://#diff-d0a3d6684c78a148cbf0725d5fe8b5aab6431da05b698a82c9e015516f3020baL335-R337): Renamed the `perf` job to `perf-basic` and updated the test command to include `-retina-mode=basic` argument. [[1]](diffhunk://#diff-d0a3d6684c78a148cbf0725d5fe8b5aab6431da05b698a82c9e015516f3020baL335-R337) [[2]](diffhunk://#diff-d0a3d6684c78a148cbf0725d5fe8b5aab6431da05b698a82c9e015516f3020baL367-R401) * [`.github/workflows/images.yaml`](diffhunk://#diff-d0a3d6684c78a148cbf0725d5fe8b5aab6431da05b698a82c9e015516f3020baL367-R401): Added a new job `perf-advanced` for running the advanced performance tests with `-retina-mode=advanced` argument. * [`.github/workflows/perf.yaml`](diffhunk://#diff-1aa140a875fcb7cae6b4ada7e6e973c4d55179ad046f56465f9f0ec592f283caL18-R19): Renamed the `perf_test` job to `perf_test-basic` and updated the test command to include `-retina-mode=basic` argument. [[1]](diffhunk://#diff-1aa140a875fcb7cae6b4ada7e6e973c4d55179ad046f56465f9f0ec592f283caL18-R19) [[2]](diffhunk://#diff-1aa140a875fcb7cae6b4ada7e6e973c4d55179ad046f56465f9f0ec592f283caL52-R88) * [`.github/workflows/perf.yaml`](diffhunk://#diff-1aa140a875fcb7cae6b4ada7e6e973c4d55179ad046f56465f9f0ec592f283caL52-R88): Added a new job `perf_test-advanced` for running the advanced performance tests with `-retina-mode=advanced` argument. ## Related Issue If this pull request is related to any issue, please mention it here. Additionally, make sure that the issue is assigned to you before submitting this pull request. ## Checklist - [ ] I have read the [contributing documentation](https://retina.sh/docs/contributing). - [ ] I signed and signed-off the commits (`git commit -S -s ...`). See [this documentation](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification) on signing commits. - [ ] I have correctly attributed the author(s) of the code. - [ ] I have tested the changes locally. - [ ] I have followed the project's style guidelines. - [ ] I have updated the documentation, if necessary. - [ ] I have added tests, if applicable. ## Screenshots (if applicable) or Testing Completed Please add any relevant screenshots or GIFs to showcase the changes made. ## Additional Notes Add any additional notes or context about the pull request here. --- Please refer to the [CONTRIBUTING.md](../CONTRIBUTING.md) file for more information on how to contribute to this project. --- .github/workflows/images.yaml | 42 +++++++++++++++++++++++++++++---- .github/workflows/perf.yaml | 44 +++++++++++++++++++++++++++++++---- 2 files changed, 78 insertions(+), 8 deletions(-) diff --git a/.github/workflows/images.yaml b/.github/workflows/images.yaml index 915cc09698..fa60c49d45 100644 --- a/.github/workflows/images.yaml +++ b/.github/workflows/images.yaml @@ -332,9 +332,9 @@ jobs: set -euo pipefail go test -v ./test/e2e/. -timeout 60m -tags=e2e -count=1 -args -image-tag=$(make version) -image-registry=${{ vars.ACR_NAME }} -image-namespace=${{ github.repository}} - perf: + perf-basic: if: ${{ github.event_name == 'merge_group' && success('manifests')}} - name: Retina Performance Test + name: Retina Basic Performance Test runs-on: ubuntu-latest needs: [manifests] @@ -345,7 +345,41 @@ jobs: - name: Setup go uses: actions/setup-go@v5 with: - go-version-file: go.mod + go-version: 1.23 + - run: go version + + - name: Az CLI login + uses: azure/login@v2 + if: ${{ github.event_name == 'merge_group' }} + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION }} + + - name: Run Perf Tests + env: + AZURE_APP_INSIGHTS_KEY: ${{ secrets.AZURE_APP_INSIGHTS_KEY }} + AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }} + AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} + shell: bash + run: | + set -euo pipefail + go test -v ./test/e2e/. -timeout 2h -tags=perf -count=1 -args -image-tag=$(make version) -image-registry=${{ vars.ACR_NAME }} -image-namespace=${{ github.repository }} -retina-mode=basic + + perf-advanced: + if: ${{ github.event_name == 'merge_group' && success('manifests')}} + name: Retina Advanced Performance Test + runs-on: ubuntu-latest + needs: [manifests] + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup go + uses: actions/setup-go@v5 + with: + go-version: 1.23 - run: go version - name: Az CLI login @@ -364,4 +398,4 @@ jobs: shell: bash run: | set -euo pipefail - go test -v ./test/e2e/. -timeout 2h -tags=perf -count=1 -args -image-tag=$(make version) -image-registry=${{ vars.ACR_NAME }} -image-namespace=${{ github.repository }} + go test -v ./test/e2e/. -timeout 2h -tags=perf -count=1 -args -image-tag=$(make version) -image-registry=${{ vars.ACR_NAME }} -image-namespace=${{ github.repository }} -retina-mode=advanced diff --git a/.github/workflows/perf.yaml b/.github/workflows/perf.yaml index dcbe96f7bf..11d71cf47e 100644 --- a/.github/workflows/perf.yaml +++ b/.github/workflows/perf.yaml @@ -15,8 +15,8 @@ permissions: id-token: write jobs: - perf_test: - name: Retina Performance Test + perf-test-basic: + name: Retina Basic Performance Test runs-on: ubuntu-latest steps: @@ -26,7 +26,7 @@ jobs: - name: Setup go uses: actions/setup-go@v5 with: - go-version-file: go.mod + go-version: 1.23 - run: go version - name: Az CLI login @@ -49,4 +49,40 @@ jobs: else TAG=$(curl -s https://api.github.com/repos/${{ github.repository }}/releases/latest | jq -r .tag_name) fi - go test -v ./test/e2e/. -timeout 2h -tags=perf -count=1 -args -image-tag=$TAG -image-registry=ghcr.io -image-namespace=${{ github.repository }} + go test -v ./test/e2e/. -timeout 2h -tags=perf -count=1 -args -image-tag=$TAG -image-registry=ghcr.io -image-namespace=${{ github.repository }} -retina-mode=basic + + perf-test-advanced: + name: Retina Advanced Performance Test + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup go + uses: actions/setup-go@v5 + with: + go-version: 1.23 + - run: go version + + - name: Az CLI login + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION }} + + - name: Run performance measurement for Retina + env: + AZURE_APP_INSIGHTS_KEY: ${{ secrets.AZURE_APP_INSIGHTS_KEY }} + AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }} + AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} + shell: bash + run: | + set -euo pipefail + if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then + TAG=${{ github.event.inputs.tag }} + else + TAG=$(curl -s https://api.github.com/repos/${{ github.repository }}/releases/latest | jq -r .tag_name) + fi + go test -v ./test/e2e/. -timeout 2h -tags=perf -count=1 -args -image-tag=$TAG -image-registry=ghcr.io -image-namespace=${{ github.repository }} -retina-mode=advanced