Commit Graph

3062 Commits

Author SHA1 Message Date
Brad Davidson
6ec1926f88 Add check for etcd-snapshot-dir and fix panic in Walk
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 17:47:33 -08:00
Brad Davidson
82e3c32c9f Retry startup snapshot reconcile
The reconcile may run before the kubelet has created the node object; retry until it succeeds

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 17:46:24 -08:00
Brad Davidson
4005600d4e Fix excessive retry on snapshot reconcile
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 17:46:24 -08:00
Pedro Tashima
6a57db553f
update channel (#9388)
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2024-02-06 22:14:52 -03:00
dependabot[bot]
5c92345423
Bump codecov/codecov-action from 3 to 4 (#9353)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-06 16:33:59 -08:00
github-actions[bot]
a324146b76
Bump Trivy version (#9237)
* chore: Bump Trivy version

Made with ❤️️ by updatecli

* chore: Bump Trivy version

Made with ❤️️ by updatecli

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-02-06 16:33:34 -08:00
Derek Nola
fcd1108e73
Add ability to install K3s PR Artifact from GitHub (#9185)
* Add support for INSTALL_K3s_PR

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add sha256sum to K3s PR artifacts

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Update install sha256sum

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Revert whitespace changes

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-06 16:30:12 -08:00
github-actions[bot]
f249fcc2f1
Bump Local Path Provisioner version (#8953)
* chore: Bump Local Path Provisioner version
---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-02-06 16:57:07 -06:00
Brad Davidson
57482a1c1b Bump helm-controller to fix issue with ChartContent
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-02 12:39:51 -08:00
Brad Davidson
c635818956 Bump runc and helm-controller versions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 18:51:51 -08:00
Brad Davidson
97a22632b9 gofmt config_test.go
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 18:51:51 -08:00
Brad Davidson
29848dea3d Fix issues with certs.d template generation
* Fix issue with bare host or IP as endpoint
* Fix issue with localhost registries not defaulting to http.
* Move the registry template prep to a separate function,
  and adds tests of that function so that we can ensure we're
  generating the correct content.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 12:09:13 -08:00
caroline-suse-rancher
6d77b7a920
Merge pull request #9278 from k3s-io/cdavis-stale-action
New stale action
2024-01-19 17:43:08 -05:00
caroline-suse-rancher
2d98c44fb3
Delete old stalebot
delete .github/stale.yml

Signed-off-by: caroline-suse-rancher <caroline.davis@suse.com>
2024-01-19 16:06:18 -05:00
caroline-suse-rancher
cef7e9e2dc
New stale action
This PR adds a new github stale action. This will replace our previous (and now deprecated) stalebot. Two notable differences are that issues will now go stale after 45 days of inactivity, and the most commonly used priority labels have been added for exemption.

Docs and list of inputs for stale action for reference here.

Signed-off-by: caroline-suse-rancher <caroline.davis@suse.com>
2024-01-19 16:04:46 -05:00
Pedro Tashima
d8907ce62c
Update to v1.29.1 (#9259)
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2024-01-18 10:15:18 -03:00
Vitor Savian
9a70021a9e Error getting node in setEtcdStatusCondition
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

Added retry and changed nodes for

Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-01-11 22:06:36 -03:00
Brad Davidson
c87e6e5f7e Move proxy dialer out of init() and fix crash
* Fixes issue where proxy support only honored server address via K3S_URL, not CLI or config.
* Fixes crash when agent proxy is enabled, but proxy env vars do not return a proxy URL for the server address (server URL is in NO_PROXY list).
* Adds tests

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 16:12:15 -08:00
Derek Nola
5303aa60e9
Fix nonexistent dependency repositories (#9213)
* Fix nonexistent dependency repositories

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Restore matching go.sum

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-01-11 11:01:49 -08:00
Brad Davidson
76fa022045 Enable network policy controller metrics
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 10:19:39 -08:00
Brad Davidson
c5a299d0ed Bump quic-go for CVE-2023-49295
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 10:09:33 -08:00
Brad Davidson
6072476432 Add e2e test for embedded registry mirror
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
37e9b87f62 Add embedded registry implementation
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
ef90da5c6e Add server CLI flag and config fields for embedded registry
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
b8f3967ad1 Add ADR for embedded registry
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
77846d63c1 Propagate errors up from config.Get
Fixes crash when killing agent while waiting for config from server

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
16d29398ad Move registries.yaml load into agent config
Moving it into config.Agent so that we can use or modify it outside the context of containerd setup

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
5c99bdd9bd Pin images instead of locking layers with lease
Layer leases never did what we wanted anyways, and this is the new approved interface for ensuring that images do not get GCd

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Ian Cardoso
df5e983fc8
add e2e startup test for rootless k3s (#8383)
* add test for rootless k3s

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>

* fix comments

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>

* Cleanup rootless e2e test, simplify logic

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2024-01-09 10:39:54 -08:00
ShylajaDevadiga
64dbbba996
update s3 e2e test (#9025)
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
Co-authored-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
2024-01-09 10:29:32 -08:00
Vitor Savian
4a92ced8ee Handle etcd status condition when cluster reset and disable etcd
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

Set condition if node is unhealthy

Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-01-09 11:20:41 -03:00
Aofei Sheng
8d2c40cdac
Use ipFamilyPolicy: RequireDualStack for dual-stack kube-dns (#8984)
Signed-off-by: Aofei Sheng <aofei@aofeisheng.com>
2024-01-09 00:44:03 +02:00
github-actions[bot]
ac8fe8de2b
fix: update trivy from 0.46.1 to 0.48.1 (#8812)
Signed-off-by: matttrach <matttrach@gmail.com>
Co-authored-by: matttrach <matttrach@gmail.com>
2024-01-08 15:14:23 -06:00
Manuel Buil
6330e26bb3 Wait for taint to be gone in the node before starting the netpol controller
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-01-08 12:04:18 +01:00
ifNil
102ff76328
Print error when downloading file error inside install script (#6874)
* Print error when downloading file error inside install script
* Update install.sh.sha256sum

Signed-off-by: yhw <2278069802@qq.com>
2024-01-04 21:30:33 -08:00
Brad Davidson
eae221f9e5 Fix OS PRETTY_NAME on tagged releases
These were always showing up as dev due to the build arg not being set by the drone step.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 19:42:28 -08:00
Brad Davidson
b297996b92 Add runtime checking of golang version
Forces other groups packaging k3s to intentionally choose to build k3s with an unvalidated golang version

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 17:22:46 -08:00
Lex Rivera
5fe074b540
Add more paths to crun runtime detection (#9086)
* add usr/local paths for crun detection

Signed-off-by: Lex Rivera <me@lex.io>
2024-01-04 16:51:13 -08:00
Brad Davidson
c45524e662 Add support for containerd cri registry config_path
Render cri registry mirrors.x.endpoints and configs.x.tls into config_path; keep
using mirrors.x.rewrites and configs.x.auth those do not yet have an
equivalent in the new format.

The new config file format allows disabling containerd's fallback to the
default endpoint when using mirror endpoints; a new CLI flag is added to
control that behavior.

This also re-shares some code that was unnecessarily split into parallel
implementations for linux/windows versions. There is probably more work
to be done on this front but it's a good start.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 16:50:26 -08:00
Brad Davidson
319dca3e82 Fix nil map in full snapshot configmap reconcile
If a full reconcile wins the race against sync of an individual snapshot resource, or someone intentionally deletes the configmap, the data map could be nil and cause a crash.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 16:49:58 -08:00
Brad Davidson
db7091b3f6 Handle logging flags when parsing kube-proxy args
Also adds a test to ensure this continues to work.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 16:23:03 -08:00
Brad Davidson
1e663622d2 Fix the OTHER log message that prints the wrong variable
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 15:23:39 -08:00
Brad Davidson
08ccea5cb6 Fix install script checksum
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 12:57:31 -08:00
Pedro Tashima
9d21b8a135
add system-agent-installer-k3s step to ga release (#9153)
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2024-01-04 13:38:57 -03:00
Ivan Shapovalov
a7fe1aaaa5 Dockerfile.dapper: set $HOME properly
`$HOME` refers to `$DAPPER_SOURCE`, which is set in the same expression
and is thus not visible at the time of substitution.

This problem is not immediately visible with Docker, Inc.'s docker
merely because it resets an unset `$HOME` to `/root` (but still breaking
the Go cache). Under podman, this problem is immediately visible because
an unset `$HOME` remains unset and subsequently breaks the `go generate`
invocation.

Fixes #9089.

Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
2024-01-03 14:20:34 -08:00
Manuel Buil
30449e0128 Add 2>dev/null when checking nm-cloud systemd unit
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-01-03 09:36:11 +01:00
Derek Nola
0ad5d65a1e
Added support for env *_PROXY variables for agent loadbalancer (#9118)
Signed-off-by: Yodo <pierre@azmed.co>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Pierre <129078893+pierre-az@users.noreply.github.com>
2024-01-02 17:13:30 -08:00
Brad Davidson
a27d660a24 Add ServiceLB support for PodHostIPs FeatureGate
If the feature-gate is enabled, use status.hostIPs for dual-stack externalTrafficPolicy=Local support

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-02 16:00:09 -08:00
Harsimran Singh Maan
baaab250a7
Silence SELinux warning on INSTALL_K3S_SKIP_SELINUX_RPM (#8703)
When k3s is installed with INSTALL_K3S_SKIP_SELINUX_RPM=true or
INSTALL_K3S_SKIP_DOWNLOAD=true or INSTALL_K3S_SKIP_DOWNLOAD=selinux,
the following message(or similar) is seen on Amazon Linux 2023/Centos
```
[INFO]  Skipping installation of SELinux RPM
[WARN]  Failed to find the k3s-selinux policy, please install:
    dnf install -y container-selinux
    dnf install -y https://rpm.rancher.io/k3s/stable/common/centos/8/noarch/

[INFO]  Creating /usr/bin/kubectl symlink to k3s
```

whereas now

```
[INFO]  Skipping installation of SELinux RPM
[INFO]  Creating /usr/bin/kubectl symlink to k3s
```

Signed-off-by: Harsimran Singh Maan <maan.harry@gmail.com>
2024-01-02 12:30:07 -08:00
Derek Nola
aca1c2fd11
Add a retry around updating a secrets-encrypt node annotations (#9039)
* Add a retry around updating a se node annotations

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-01-02 12:21:37 -08:00