Brad Davidson
8340b54309
Pass through default tls-cipher-suites
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-12 14:51:04 -08:00
Derek Nola
cc3583399a
Add explicit permissions to workflows ( #6700 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-12 13:57:57 -08:00
dependabot[bot]
d85952d6a0
Bump ubuntu from 20.04 to 22.04 in /tests/e2e/scripts ( #6686 )
...
Bumps ubuntu from 20.04 to 22.04.
---
updated-dependencies:
- dependency-name: ubuntu
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-12 13:57:28 -08:00
Derek Nola
674a05478f
Containerd restart testlet ( #6696 )
...
* Add containerd testlet to startup integration
* Fix all log dumps
* Stop server gracefully
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-12 13:43:31 -08:00
Brad Davidson
d78e490716
Bump containerd to v1.6.15-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-12 11:50:43 -08:00
dependabot[bot]
e53500f37f
Bump alpine from 3.16 to 3.17 in /conformance ( #6687 )
...
Bumps alpine from 3.16 to 3.17.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-12 14:32:14 -05:00
dependabot[bot]
c7151e8b61
Bump alpine from 3.16 to 3.17 in /package ( #6688 )
...
Bumps alpine from 3.16 to 3.17.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-12 14:31:56 -05:00
Chris Wayne
3cafc8e6dd
RIP Codespell ( #6701 )
...
* RIP Codespell
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2023-01-11 16:23:29 -08:00
ShylajaDevadiga
fd8481a29d
Adjust e2e test run script and fixes ( #6718 )
...
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
2023-01-11 16:09:45 -08:00
Brad Davidson
a298bfdb18
Add jitter to scheduled snapshots and retry harder on conflicts
...
Also ensure that the snapshot job does not attempt to trigger multiple concurrent runs, as this is not supported.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-11 14:32:03 -08:00
Brad Davidson
f0ec6a4c12
Exclude December r1 releases from channel server
...
Stop offering installs of these releases due to the critical containerd regression.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-06 13:34:38 -08:00
Brad Davidson
bc6bebc998
Bump containerd to v1.6.14-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-04 12:53:07 -08:00
Guilherme Macedo
454440f9a3
Add Dependabot config for security ADR ( #6560 )
...
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-01-03 14:01:57 -05:00
Alexey Vazhnov
870d9c32b0
Fix OpenRC init script error 'openrc-run.sh: source: not found' ( #6614 )
...
To avoid error message:
user@server ~ % /etc/init.d/k3s status
/lib/rc/sh/openrc-run.sh: 28: /etc/init.d/k3s: source: not found
/lib/rc/sh/openrc-run.sh: 29: /etc/init.d/k3s: source: not found
* status: stopped
I've replaced `source` with `sourcex`, defined in https://github.com/OpenRC/openrc/blob/master/sh/openrc-run.sh.in#L30
Classic shell `.` also works.
Tested in Devuan 5 Daedalus (based on Debian 12 bookworm / testing), package `openrc` version 0.45.2-2.
Signed-off-by: Alexey Vazhnov <vazhnov@boot-keys.org>
2023-01-03 14:00:22 -05:00
Guilherme Macedo
97f162291a
Change Updatecli GH action reference branch ( #6682 )
...
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-01-03 13:26:14 -05:00
Nikolai Shields
beafd9eaff
Update stable to v1.25.5 ( #6618 )
2023-01-03 12:03:58 -06:00
Guilherme Macedo
8f28de259c
Add initial Updatecli ADR automation ( #6583 )
...
* Add initial Updatecli ADR automation
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-01-03 12:56:08 -05:00
Chris Wayne
9e97a3b4aa
Current status badges ( #6653 )
...
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2022-12-28 19:18:51 -05:00
Brad Davidson
fae8817655
Bump k3s-root version to v0.12.1
...
Adds support for loading compressed kernel modules
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-13 16:54:43 -08:00
Brad Davidson
0c9b43746b
Preload iptable_filter/ip6table_filter
...
ServiceLB now requires this module, but it will not get autoloaded by the kubelet if the host is using nftables.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-13 12:51:00 -08:00
Hussein Galal
f8b661d590
Update to v1.26.0-k3s1 ( #6370 )
...
* Update to v1.26.0-alpha.2
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* go generate
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Default CURRENT_VERSION to VERSION_TAG for alpha versions
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* remove containerd package
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Update k8s to v1.26.0-rc.0-k3s1 cri-tools cri-dockerd and cadvisor
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* replace cri-api reference to the new api
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* go mod tidy
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix version script to allow rc and alphas
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix version script to allow rc and alphas
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix version script to allow rc and alphas
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Update to Kubernetes 1.26.0-rc.1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Undo helm-controller pin
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Bump containerd to -k3s2 for stargz fix
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* DevicePlugins featuregate is locked to on
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Bump kine for DeleteRange fix
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Update to v1.26.0-k3s1
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* go mod tidy
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Bring back snapshotter checks and update golang to 1.19.4
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix windows containerd snapshotter checks
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-10 01:42:15 +02:00
Derek Nola
b5d39df929
Deprecation of etcd-snapshot
command in v1.26 ( #6575 )
...
* Consolidate etcd snapshot commands
* Consolidate secrets encryption commands
* Move etcd-snapshot to fatal error stage.
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-12-05 15:28:01 -08:00
Derek Nola
d723775792
Remove deprecated flags in v1.26 ( #6574 )
...
* Remove NoFlannel
* Remove cluster-secret
* Remove no-deploy
* Remove disable-selinux
* Convert wireguard to fatal error
* Remove reference to no-op K3S_CLUSTER_SECRET
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-12-05 14:01:01 -08:00
Klaas Demter
457e5e7379
Update install.sh to recommend current version of k3s-selinux
...
Signed-off-by: Klaas Demter <re4il07t@duck.com>
2022-12-05 11:52:33 -08:00
Matt Trachier
95bb3dce97
adding expanded release docs ( #6237 )
...
Signed-off-by: matttrach <matttrach@gmail.com>
2022-12-02 16:27:02 -06:00
Derek Nola
b255b07de2
Remove nodejs12 based GH actions ( #6593 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-12-02 09:07:21 -08:00
Guilherme Macedo
9d8260a3f6
Add ADR for security bumps automation ( #6559 )
...
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2022-12-02 12:06:34 -05:00
Roberto Bonafiglia
091017d8c2
Update flannel to v0.20.2
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2022-12-01 22:21:58 +01:00
Brad Davidson
2835368ecb
Bump k3s-root and remove embedded strongswan support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-01 12:40:40 -08:00
Derek Nola
af8f101bdc
Mark secrets-encryption flag as GA ( #6582 )
...
* Mark secrets-encrypt flag as GA
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-12-01 08:50:51 -08:00
Brad Davidson
915c7719fe
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:09:32 -08:00
Brad Davidson
2a496d4fd3
Bump metrics-server to v0.6.2
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:09:32 -08:00
Brad Davidson
1eeea5c81f
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:09:32 -08:00
Brad Davidson
d539a0a124
Sync packaged component Deployment config
...
Don't override replicas; set revisionHistoryLimit and strategy
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:09:32 -08:00
Brad Davidson
e08a662509
Disable CCM metrics port when legacy CCM functionality is disabled
...
Prevents port conflicts on upgrade for users that have deployed other cloud controllers.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:08:31 -08:00
Brad Davidson
953c7699b4
Fix artifact upload with aws s3 cp
; update secret
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-28 12:38:56 -08:00
Brad Davidson
16fa128e96
Fix passing AWS creds through Dapper
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-28 10:59:42 -08:00
Sakala Venkata Krishna Rohit
4e2e91e089
Switch from Google Buckets to AWS S3 Buckets ( #6497 )
...
* Add python pip pakacge to install aws cli
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Upload build artifacts to aws s3 instead of gcp bucket
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Upload logs to aws s3 instead of google buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Replace gcloud auth with aws credentials for artifact uploading to buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Replace usage of google bucket with aws s3 buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
2022-11-28 19:27:43 +02:00
Brad Davidson
a07bb555ba
Bump klipper-helm and klipper-lb versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-23 14:55:59 -08:00
Derek Nola
614da78e43
Add prefer-bundled-bin
as an agent flag ( #6545 )
...
* Add prefer-bundled-bin as an agent flag
* Add E2E test for prefer-bundled-bin
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-11-22 13:43:16 -08:00
Hussein Galal
1f3e8f69d4
Mark v1.25.4+k3s1 as stable ( #6534 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2022-11-22 20:37:47 +02:00
Manuel Buil
1beecb2e2d
Merge pull request #6531 from manuelbuil/fixLogs
...
Fix log for flannelExternalIP use case
2022-11-22 16:54:26 +01:00
Manuel Buil
f420a8f35a
Merge pull request #6517 from manuelbuil/fixWinVxlan0
...
Remove stuff which belongs in the windows executor implementation
2022-11-22 15:11:58 +01:00
Manuel Buil
483e29e783
Remove stuff which belongs in the windows executor implementation
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-11-22 12:32:13 +01:00
Brad Davidson
9ff0943d56
Address nits from self-review
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-21 15:23:30 -08:00
Brad Davidson
56bf7d6ad3
Allow agent to run rootless
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-21 15:23:30 -08:00
Brad Davidson
6f2b21c5cd
Add rootless IPv6 support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-21 15:23:30 -08:00
Brad Davidson
c02dceb7ad
Make rootless settings configurable
...
Add enivironment variables for port-driver, cidr, mtu, and disable-host-loopback settings. Since rootless is still experimental, I don't think they deserve full CLI flag status.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-21 15:23:30 -08:00
Brad Davidson
73171ff20a
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-21 13:44:54 -08:00
Brad Davidson
7964ada773
Pull modified traefik charts from k3s-charts repo
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-21 13:44:54 -08:00