Skip to content

feat(deps): upgrade Cilium to v1.19.0#2031

Open
nddq wants to merge 1 commit intomicrosoft:mainfrom
nddq:wip/cilium+IGUpgrades
Open

feat(deps): upgrade Cilium to v1.19.0#2031
nddq wants to merge 1 commit intomicrosoft:mainfrom
nddq:wip/cilium+IGUpgrades

Conversation

@nddq
Copy link
Member

@nddq nddq commented Feb 11, 2026
edited
Loading

Description

This PR is opened solely to validate that all CI checks pass. It should NOT be merged.

Upgrade the Cilium dependency from v1.18.0-pre.1 to v1.19.0 and adapt the codebase to breaking API changes. This includes:

  • Rewriting Hubble flow enrichment and DNS parsing to work with Cilium v1.19 APIs (structpb-based extensions replace RetinaMetadata)
  • Adding DI stubs for new Cilium cell/hive requirements
  • Resolving duplicate workqueue metrics providers
  • Adding new eBPF-based DNS and TCP retransmission plugins
  • Bumping Go base images to 1.25.7 and go directive to 1.25.0
  • Removing cross-compilation from Dockerfiles for native arm64 builds via QEMU (Microsoft Go 1.25 requires CGO_ENABLED=1 for its crypto backend)
  • Fixing Prometheus metric parsing with prometheus/common v0.67.5
  • Upgrading golangci-lint from v1 to v2.9.0; setting CGO_ENABLED=0 for lint to prevent typecheck errors from _cprog C source directories
  • Moving DNS recordsChannel creation outside EnablePodLevel conditional to fix DNS metrics in basic mode

Related Issue

Refs #1788

Checklist

  • I have read the contributing documentation.
  • I signed and signed-off the commits (git commit -S -s ...). See this documentation on signing commits.
  • I have correctly attributed the author(s) of the code.
  • I have tested the changes locally.
  • I have followed the project's style guidelines.
  • I have updated the documentation, if necessary.
  • I have added tests, if applicable.

Screenshots (if applicable) or Testing Completed

  • CI image builds (amd64, arm64, Windows)
  • golangci-lint v2.9.0 passes locally with CGO_ENABLED=0
  • Unit tests pass locally

Additional Notes

This is a major dependency upgrade. Cilium v1.19.0 introduces breaking changes in the Hubble and cell APIs that required significant adaptation in the Retina hubble control plane. This PR is for CI validation only — it will be superseded by smaller, reviewable PRs once CI is confirmed green.

Please refer to the CONTRIBUTING.md file for more information on how to contribute to this project.

@nddq nddq changed the title feat: upgrade Cilium from v1.18.6 to v1.19.0 feat: upgrade Cilium to v1.19.0 Feb 11, 2026
@nddq nddq mentioned this pull request Feb 11, 2026
Open
@nddq nddq force-pushed the wip/cilium+IGUpgrades branch 3 times, most recently from 539261a to 7a62f50 Compare February 11, 2026 17:07
@nddq nddq changed the title feat: upgrade Cilium to v1.19.0 feat(deps): upgrade Cilium to v1.19.0 Feb 11, 2026
@nddq nddq force-pushed the wip/cilium+IGUpgrades branch from 7a62f50 to 5a7c018 Compare February 11, 2026 20:38
This was referenced Feb 11, 2026
Open
Open
Open
Open
Open
Open
Open
@nddq nddq marked this pull request as ready for review February 11, 2026 21:07
@nddq nddq requested a review from a team as a code owner February 11, 2026 21:07
@nddq nddq requested review from mereta and rayaisaiah February 11, 2026 21:07
@nddq nddq force-pushed the wip/cilium+IGUpgrades branch 5 times, most recently from 96e3bf9 to cdee4b8 Compare February 13, 2026 01:44
@nddq
feat(deps): upgrade Cilium to v1.19.0
93c3d87 
Upgrade the Cilium dependency from v1.18.0-pre.1 to v1.19.0 and adapt
the codebase to breaking API changes.

Key changes:
- Rewrite Hubble flow enrichment and DNS parsing to work with Cilium
  v1.19 APIs (structpb-based extensions replace RetinaMetadata)
- Add DI stubs for new Cilium cell/hive requirements
- Resolve duplicate workqueue metrics providers
- Add new eBPF-based DNS and TCP retransmission plugins
- Bump Go base images to 1.25.7 and go directive to 1.25.0
- Remove cross-compilation from Dockerfiles for native arm64 builds
  via QEMU (Microsoft Go 1.25 requires CGO_ENABLED=1 for crypto)
- Fix prometheus metric parsing with prometheus/common v0.67.5
- Upgrade golangci-lint from v1 to v2.9.0; set CGO_ENABLED=0 for
  lint to prevent typecheck errors from _cprog C source directories
- Fix DNS metrics by moving recordsChannel creation outside
  EnablePodLevel conditional

Refs: microsoft#1788
Signed-off-by: Quang Nguyen <nguyenquang@microsoft.com>
@nddq nddq force-pushed the wip/cilium+IGUpgrades branch from cdee4b8 to 93c3d87 Compare February 13, 2026 22:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rayaisaiah rayaisaiah Awaiting requested review from rayaisaiah rayaisaiah is a code owner automatically assigned from microsoft/retina

@mereta mereta Awaiting requested review from mereta mereta is a code owner automatically assigned from microsoft/retina

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

do not merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nddq