Commit Graph

3142 Commits

Author SHA1 Message Date
Brad Davidson
d95980bba3 Lock bootstrap data with empty key to prevent conflicts
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-05 10:56:57 -07:00
dependabot[bot]
12091fc724 Bump actions/setup-go from 3 to 4
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-04 16:45:13 -07:00
Brad Davidson
2992477c4b Debounce kubernetes service endpoint updates
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-04 12:02:22 -07:00
Brad Davidson
ece4d8e45c Fix tests to not hide failure location in dummp assert functions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-04 12:02:22 -07:00
Brad Davidson
e54ceaa497 Fix issue with stale connections to removed LB server
Track LB connections through each server so that they can be closed when it is removed.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-04 12:02:22 -07:00
Brad Davidson
5dece799df Update remotedialer to silence errors when disconnecting
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-04 12:02:22 -07:00
Guilherme Macedo
4182dcaac8
[UpdateCLI] Improve Klipper Helm and Helm controller bumps (#7146)
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-04-04 13:43:12 -05:00
Hussein Galal
127cea1f3f
Upgrade helm-controller to v0.13.3 (#7209)
* Upgrade helm-controller to v0.13.3

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Upgrade klipper-helm image in the airgap list

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-04-04 20:20:40 +02:00
Derek Nola
d2e04b826a
Don't apply hardened args to agent (#7089)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-04-04 09:35:28 -07:00
Brad Davidson
d388b82d25 go generate
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 19:47:06 -07:00
Brad Davidson
de80c07053 Ensure that loopback is used for the advertised address when resetting
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 19:47:06 -07:00
Brad Davidson
b010db0cff Ensure that loopback is used for the advertised address when resetting
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 17:01:43 -07:00
Brad Davidson
877247a691 Bump runc to v1.1.5
Addresses GHSA-m8cg-xc2p-r3fc GHSA-vpvm-3wq2-2wvm GHSA-g2j6-57v7-gm8c

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 17:00:44 -07:00
Brad Davidson
eb982bbbde Bump etcd to v3.5.7
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 17:00:30 -07:00
Brad Davidson
cee3ddbc4a
Bump Local Path Provisioner version (#7167)
* chore: Bump Local Path Provisioner version
* go generate

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-04-03 16:00:16 -07:00
Guilherme Macedo
ddd9665fed
Improve Trivy configuration (#7154)
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-04-03 14:09:21 -05:00
Guilherme Macedo
fdf994dc35
[UpdateCLI] Improve workflow (#7142)
* Improve UpdateCLI workflow
* Update Go version to stable in workflow

Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-04-03 13:40:49 -05:00
Guilherme Macedo
37b3f4d25c
Run go generate in local-path-provisioner Updatecli pipeline (#7181)
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-04-03 09:30:56 -07:00
ShylajaDevadiga
8ec7d5e6b0
fix_get_sha_url (#7187)
Signed-off-by: ShylajaDevadiga <shylaja@rancher.com>
2023-03-31 13:26:29 -07:00
Derek Nola
a99376663b
Drone Pipelines enhancement (#7169)
* Dont run most pipelines on nightly cron

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Don't run skipfiles on push to master for arch pipelines

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-31 09:06:16 -07:00
Brooks Newberry
fb491f5ebf
Update stable channel to v1.26.3+k3s1 (#7161) 2023-03-29 15:49:08 -07:00
Derek Nola
d13ee64403
Enhance k3s check-config (#7091)
* Move  CONFIG_CGROUP_PIDS to Required

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-29 09:55:08 -07:00
Roberto Bonafiglia
01ea3ff27b Update flannel to fix NAT issue with old iptables version
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-22 18:15:34 +01:00
Derek Nola
c97370be6f
Clean E2E VMs before testing (#7109)
* Cleanup VMs proper

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-22 09:32:37 -07:00
Brooks Newberry
7c32f88fec
Pin golangci-lint version to v1.51.2 (#7113) 2023-03-20 09:59:43 -07:00
Brooks Newberry
dc4a148725
Update to v1.26.3-k3s1 (#7108) 2023-03-20 05:18:37 -07:00
Derek Nola
561ec056c1
Drone: Cleanup E2E VMs on test panic (#7104)
* Cleanup leftover VMs in E2E pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-17 11:35:05 -07:00
Derek Nola
9980504196
Fix to Rotate CA e2e test (#7101)
* Include note on service keys

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix rotate cert ca test

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove periods

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add new test to nightly script

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-16 17:56:17 -07:00
Esteban Esquivel Alvarado
85b261096c
Add automation for Restart command for K3s (#7002)
Signed-off-by: est-suse <esteban.esquivel@suse.com>
2023-03-14 15:47:18 -07:00
Chris Wayne
19ac384929
Remove Nikolai from MAINTAINERS list (#7088)
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2023-03-14 14:33:06 -04:00
Roberto Bonafiglia
7d2f997b3e Added multiClusterCIDR E2E test
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-14 18:30:52 +01:00
Roberto Bonafiglia
262cd7de0a Added IPv6 check and agent restart on e2e test utils
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-14 18:30:52 +01:00
Roberto Bonafiglia
15ee88964b Added multiClusterCidr feature
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-14 18:30:52 +01:00
Daniel Mills
822ee79eb8
Remove deprecated nodeSelector label beta.kubernetes.io/os (#6970)
* Remove deprecated nodeSelector label beta.kubernetes.io/os

Problem:
The nodeSelector label beta.kubernetes.io/os in the CoreDNS deployment was deprecated in 1.14 and will likely be removed soon

Solution:
Change the nodeSelector to remove the beta

Signed-off-by: Dan Mills <evilhamsterman@gmail.com>
2023-03-14 12:56:40 -04:00
Richard Steinmetz
a912902aa7
Add missing kernel config checks (#6946)
Add additional kernel config checks for NETFILTER_XT_MATCH_COMMENT and
NETFILTER_XT_MATCH_MULTIPORT as they are both required to run k3s.

Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2023-03-14 12:55:38 -04:00
Matt Trachier
8503d0143c
skip all pipelines based on what is in the PR (#6996)
* add droneignore, make trivial change to README for testing, updating drone config to use droneignore to skip CI when files are all matched

Signed-off-by: matttrach <matttrach@gmail.com>
2023-03-14 12:49:44 -04:00
Brad Davidson
977a85559e Add support for cross-signing new certs during ca rotation
We need to send the full chain in order for cross-signing to work
properly during switchover to a new root.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-03-13 16:56:28 -07:00
Brad Davidson
68fcb48a35 Update/rename certs.sh; add default cert rotation script
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-03-13 16:56:28 -07:00
Daishan Peng
b7f90f389c
Wait for kubelet port to be ready before setting (#7041)
* Wait for kubelet port to be ready before setting
* Wait for kubelet to update the Ready status before reading port

Signed-off-by: Daishan Peng <daishan@acorn.io>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2023-03-13 13:48:02 -07:00
Matt Trachier
a45d081027
update stable version in channel server (#7066) 2023-03-13 13:43:22 -07:00
Derek Nola
d218068f34
Adds a warning about editing to the containerd config.toml file (#7057)
* Add a warning to the config.toml file

Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2023-03-13 13:42:17 -07:00
Derek Nola
c259403af1
Bump various dependencies for CVEs (#7044)
* Bump wrangler to 1.1.1
* Match golang.org/x/net with flannel version
* Match golang.org/x/sys with containerd version
* Update gax-go to 2.1.1
* Isolate terraform e2e test with seperate go.mod/go.sum
* Bump containerd

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-13 09:37:45 -07:00
Roberto Bonafiglia
e098b99bfa
Update flannel and kube-router (#7039)
* Update kube-router version to fix iptables rules

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>

* Update Flannel to v0.21.3

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>

---------

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-10 19:57:16 -08:00
Derek Nola
c78dc4db71
Add flannel adr (#6973)
* Add flannel adr

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Incorporate Brads comments

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove the "s"

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Updated table with more info on flags

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Update docs/adrs/flannel-options.md

Co-authored-by: Roberto Bonafiglia <roberto.bonafiglia@gmail.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Roberto Bonafiglia <roberto.bonafiglia@gmail.com>
2023-03-10 19:55:32 -08:00
Derek Nola
522ad1e697
Add E2E to Drone (#6890)
* Initial drone vagrant pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Build e2e test image

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add docker registry to E2E pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Bump libvirt image

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add ci flag to secretsencryption

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix vagrant log on secretsencryption

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove DB parallel tests

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Reduce sonobuoy tests even further

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add local build

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add cron conformance pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add string output for nodes

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Switch snapshot restore for upgrade cluster

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix cp

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-10 19:53:41 -08:00
Matt Trachier
ea094d1d49
Update to v1.26.2-k3s1 (#7011)
* Update to v1.26.2
* update gh workflows and docker files to proper go version
---------
Signed-off-by: matttrach <matttrach@gmail.com>
2023-03-01 16:48:23 -06:00
Brad Davidson
ee28c20b62 Bump kine to v0.9.9
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-23 17:19:18 -08:00
Brad Davidson
cbe4bcfeee Add test for filterByIPFamily
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-21 14:13:22 -08:00
Brad Davidson
cc333d8d0c Fix ServiceLB dual-stack ingress IP listing
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-21 14:13:22 -08:00
Brad Davidson
2156015521 Improve default umask for certs.sh
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-14 09:39:41 -08:00