Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,620 Commits 27 Branches 785 Tags 625 MiB
215fb157ff
Commit Graph

2620 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Brad Davidson
215fb157ff Add certificate rotate-ca to write updated CA certs to datastore 
This command must be run on a server while the service is running. After this command completes, all the servers in the cluster should be restarted to load the new CA files.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-06 15:09:31 -08:00
Brad Davidson
3c324335b2 Add utility functions for getting kubernetes client 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-06 15:09:31 -08:00
Brad Davidson
58d40327b4 Fix CA cert hash for root certs 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-06 15:09:31 -08:00
Brad Davidson
0919ec6755 Ensure cluster-signing CA files contain only a single CA cert 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-06 15:09:31 -08:00
Brad Davidson
1ec242d816 Add example certificate generation script 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-06 15:09:31 -08:00
Felix Niederwanger
7e59376bb9
Fix check for (open)SUSE version (#6791) 
Fix the check, if we're running SUSE or openSUSE in the installer
script.

Signed-off-by: phoenix <felix.niederwanger@suse.com>
 2023-02-06 11:27:12 -08:00
Paulo Gomes
ee007bc7cf
Bump deps: trivy, sonobuoy, dapper (#6807) 
- trivy v0.36.1
- sonobuoy v0.56.14
- golangci-lint v1.50.1
- gopls v0.11.0
- dapper v0.6.0
- golang v1.19.5

Signed-off-by: Paulo Gomes <paulo.gomes@suse.com>
 2023-02-06 11:25:24 -08:00
Robert Schweikert
bb353f5d2b
Fix reference to documentation (#6860) 
The documentation is no longer part of the Rancher project but can be found in
k3s-io/docs. Fix the wording an link in the contribution docs to point the
potential contributor to the proper location

Signed-off-by: Robert Schweikert <rjschwei@suse.com>
 2023-02-06 11:16:14 -08:00
Derek Nola
7cad3db251
E2E: Consoldiate docker and prefer bundled tests into new startup test (#6851) 
* Convert docker E2E to startup E2E
* Move preferedbundled into the e2e startup test

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-02-06 10:39:46 -08:00
Derek Nola
32086717fc
Ensure flag type consistency (#6852) 
* Convert all flags to pointers for consistency

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-31 12:57:48 -08:00
Derek Nola
750cff561d
Bump vagrant boxes to fedora37 (#6832) 
* Bump to generic/fedora37
* fix epic permissions
* Disable sonobuoy on rootless

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-30 13:14:29 -08:00
Akos Elek
9fcc7c0db8
Fix cronjob example (#6707) 
Related PR:
https://github.com/rancher/rke2-docs/pull/38

Signed-off-by: Akos Elek <akose73@tazerve.hu>
 2023-01-30 10:52:22 -08:00
Derek Nola
0d4caf4e24
Wait for cri-dockerd socket (#6812) 
* Wait for cri-dockerd socket
* Consolidate cri utility functions

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-27 13:16:59 -08:00
Brad Davidson
1c6fde9a52 go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-27 12:09:18 -08:00
Brad Davidson
369b81b45e Honor Service ExternalTrafficPolicy 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-27 12:09:18 -08:00
Brad Davidson
94d1a87509 Bump wrangler version for EndpointSlice support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-27 12:09:18 -08:00
Derek Nola
86e36225f5
Consolidate E2E tests and GH Actions (#6772) 
* Consolidate cluster reset and snapshot E2E tests
* Add more context to secrets-encryption test
* Reuse build workflow
* Convert updatecli to job level permissions
* Remove dweomer microos from E2E and install testing

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-27 09:01:13 -08:00
Hrittik Roy
808c71a63e
Add Ayedo (#6801) 
Signed-off-by: Hrittik Roy <67012359+hrittikhere@users.noreply.github.com>
 2023-01-27 11:37:44 -05:00
Derek Nola
75f77ab951
E2E Rancher and Hardened script improvements (#6778) 
* Improve test-pad rancher script

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Improve hardened script and added kube-bench utility script

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Apply same audits for 1.22 and older

Signed-off-by: Derek Nola <derek.nola@suse.com>

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-26 18:17:33 -08:00
Brooks Newberry
f0655f153e
update stable channel to v1.25.6+k3s1 (#6828) 2023-01-26 18:09:46 -08:00
Brad Davidson
3cb6fa5cc7 Set cri-dockerd version at build time 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-26 14:32:28 -08:00
Brad Davidson
f72649d1bd Bump cri-dockerd 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-26 14:32:28 -08:00
Brad Davidson
89f7062431 Add build tag to disable cri-dockerd 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-26 14:29:18 -08:00
Brooks Newberry
f10af367c3
Update to v1.26.1-k3s1 (#6774) 2023-01-19 07:56:32 -08:00
Brooks Newberry
f19892c2d2
drone correct plugins/docker tag supporting linux/arm (#6769) 2023-01-18 12:38:51 -08:00
Derek Nola
291f8bfe00
Slow dependency CI to weekly (#6764) 
* Add labels to updatecli PRs
* Run weekly

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-18 09:39:46 -08:00
ShylajaDevadiga
2007cdd54f
generate report and upload test results (#6737) 
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>

Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
Co-authored-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
 2023-01-18 09:34:52 -08:00
Derek Nola
7bbcac92fd
Bump download action to v3 (#6746) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-17 11:04:34 -08:00
Nikolai Shields
d71ab6317e
Update stable to 1.25.5+k3s2 (#6753) 2023-01-14 12:12:51 -06:00
Brad Davidson
f54b5e4fa0 Fix CI tests 
* General cleanup of test-helpers functions to address CI failures
* Install awscli in test image
* Log containerd output to file even when running with --debug

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-13 17:22:25 -08:00
Silvio Moioli
23c1040adb
Bugfix: do not break cert-manager when pprof is enabled (#6635) 
Signed-off-by: Silvio Moioli <silvio@moioli.net>
 2023-01-13 16:09:14 -08:00
github-actions[bot]
a4549cf989
chore: Bump golang:alpine version (#6683) 
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2023-01-12 18:58:04 -05:00
Brad Davidson
8340b54309 Pass through default tls-cipher-suites 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-12 14:51:04 -08:00
Derek Nola
cc3583399a
Add explicit permissions to workflows (#6700) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-12 13:57:57 -08:00
dependabot[bot]
d85952d6a0
Bump ubuntu from 20.04 to 22.04 in /tests/e2e/scripts (#6686) 
Bumps ubuntu from 20.04 to 22.04.

---
updated-dependencies:
- dependency-name: ubuntu
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-12 13:57:28 -08:00
Derek Nola
674a05478f
Containerd restart testlet (#6696) 
* Add containerd testlet to startup integration
* Fix all log dumps
* Stop server gracefully

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-12 13:43:31 -08:00
Brad Davidson
d78e490716 Bump containerd to v1.6.15-k3s1 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-12 11:50:43 -08:00
dependabot[bot]
e53500f37f
Bump alpine from 3.16 to 3.17 in /conformance (#6687) 
Bumps alpine from 3.16 to 3.17.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-12 14:32:14 -05:00
dependabot[bot]
c7151e8b61
Bump alpine from 3.16 to 3.17 in /package (#6688) 
Bumps alpine from 3.16 to 3.17.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-12 14:31:56 -05:00
Chris Wayne
3cafc8e6dd
RIP Codespell (#6701) 
* RIP Codespell

Signed-off-by: Chris Wayne <cwayne18@gmail.com>
 2023-01-11 16:23:29 -08:00
ShylajaDevadiga
fd8481a29d
Adjust e2e test run script and fixes (#6718) 
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
 2023-01-11 16:09:45 -08:00
Brad Davidson
a298bfdb18 Add jitter to scheduled snapshots and retry harder on conflicts 
Also ensure that the snapshot job does not attempt to trigger multiple concurrent runs, as this is not supported.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-11 14:32:03 -08:00
Brad Davidson
f0ec6a4c12 Exclude December r1 releases from channel server 
Stop offering installs of these releases due to the critical containerd regression.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-06 13:34:38 -08:00
Brad Davidson
bc6bebc998 Bump containerd to v1.6.14-k3s1 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-04 12:53:07 -08:00
Guilherme Macedo
454440f9a3
Add Dependabot config for security ADR (#6560) 
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
 2023-01-03 14:01:57 -05:00
Alexey Vazhnov
870d9c32b0
Fix OpenRC init script error 'openrc-run.sh: source: not found' (#6614) 
To avoid error message:

user@server ~ % /etc/init.d/k3s status
/lib/rc/sh/openrc-run.sh: 28: /etc/init.d/k3s: source: not found
/lib/rc/sh/openrc-run.sh: 29: /etc/init.d/k3s: source: not found
 * status: stopped

I've replaced `source` with `sourcex`, defined in https://github.com/OpenRC/openrc/blob/master/sh/openrc-run.sh.in#L30
Classic shell `.` also works.
Tested in Devuan 5 Daedalus (based on Debian 12 bookworm / testing), package `openrc` version 0.45.2-2.

Signed-off-by: Alexey Vazhnov <vazhnov@boot-keys.org>
 2023-01-03 14:00:22 -05:00
Guilherme Macedo
97f162291a
Change Updatecli GH action reference branch (#6682) 
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
 2023-01-03 13:26:14 -05:00
Nikolai Shields
beafd9eaff
Update stable to v1.25.5 (#6618) 2023-01-03 12:03:58 -06:00
Guilherme Macedo
8f28de259c
Add initial Updatecli ADR automation (#6583) 
* Add initial Updatecli ADR automation

Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
 2023-01-03 12:56:08 -05:00
Chris Wayne
9e97a3b4aa
Current status badges (#6653) 
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
 2022-12-28 19:18:51 -05:00