03fd2f278a
Add utility functions for getting kubernetes client
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3c324335b2
2023-02-10 09:33:55 -08:00
4a28be3c57
Fix CA cert hash for root certs
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 58d40327b4
2023-02-10 09:33:55 -08:00
7fce823e82
Ensure cluster-signing CA files contain only a single CA cert
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 0919ec6755
2023-02-10 09:33:55 -08:00
c47f12354c
Add example certificate generation script
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 1ec242d816
2023-02-10 09:33:55 -08:00
cf689d8126
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-10 07:26:50 -08:00
1ed38578c2
Check for existing resources before creating them
...
Prevents errors when starting with fail-closed webhooks
Also, use panic instead of Fatalf so that the CloudControllerManager rescue can handle the error
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-10 07:26:50 -08:00
058c6e24b3
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 1c6fde9a52
2023-02-09 15:17:55 -08:00
1a5b77b486
Honor Service ExternalTrafficPolicy
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 369b81b45e
2023-02-09 15:17:55 -08:00
8ff0308247
Bump wrangler version for EndpointSlice support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 94d1a87509
2023-02-09 15:17:55 -08:00
ae874ea57f
Use default address family when adding kubernetes service address to SAN list
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-09 11:51:56 -08:00
4944776f88
Ignore value conflicts when reencrypting secrets ( #6919 )
...
* Ignore conflict secrets
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-02-08 12:14:22 -08:00
8fc229521a
[Release-1.25] Consolidate E2E tests ( #6887 )
...
* Consolidate E2E tests and GH Actions (#6772 )
* Consolidate cluster reset and snapshot E2E tests
* Add more context to secrets-encryption test
* Reuse build workflow
* Convert updatecli to job level permissions
* Remove dweomer microos from E2E and install testing
Signed-off-by: Derek Nola <derek.nola@suse.com>
* E2E: Consoldiate docker and prefer bundled tests into new startup test (#6851 )
* Convert docker E2E to startup E2E
* Move preferedbundled into the e2e startup test
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Update nightly channel
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-02-06 14:58:32 -08:00
f4a75678d8
[Release-1.25] Ensure flag type consistency ( #6867 )
...
* Standardize flag declaration
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-02-01 09:23:43 -08:00
9874f95d6b
Fix cron example ( #6864 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 11:33:51 -08:00
2745bd25bd
Bump vagrant boxes to fedora37 ( #6858 )
...
* Bump to generic/fedora37
* fix epic permissions
* Disable sonobuoy on rootless
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 09:43:49 -08:00
be8d8bb412
Wait for cri-dockerd socket ( #6853 )
...
* Wait for cri-dockerd socket
* Consolidate cri utility functions
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 09:43:23 -08:00
d6fa972b2c
Bugfix: do not break cert-manager when pprof is enabled ( #6635 )
...
Signed-off-by: Silvio Moioli <silvio@moioli.net>
(cherry picked from commit 23c1040adb
2023-01-26 17:36:12 -08:00
4c17994391
Set cri-dockerd version at build time
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-26 14:33:04 -08:00
ab9c5f9577
Bump cri-dockerd
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-26 14:33:04 -08:00
6344590447
Add jitter to scheduled snapshots and retry harder on conflicts
...
Also ensure that the snapshot job does not attempt to trigger multiple concurrent runs, as this is not supported.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-26 14:31:08 -08:00
9176e03c57
Update to v1.25.6+k3s1 ( #6775 )
2023-01-19 07:56:25 -08:00
8b5cbf0629
drone correct plugins/docker tag supporting linux/arm ( #6768 )
2023-01-18 12:21:48 -08:00
c350594f18
Fix CI tests
...
* General cleanup of test-helpers functions to address CI failures
* Install awscli in test image
* Log containerd output to file even when running with --debug
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f54b5e4fa0
2023-01-17 18:15:24 -08:00
42e3390507
chore: Bump golang:alpine version ( #6683 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
(cherry picked from commit a4549cf989
2023-01-17 18:15:24 -08:00
c7359fe537
Bump ubuntu from 20.04 to 22.04 in /tests/e2e/scripts ( #6686 )
...
Bumps ubuntu from 20.04 to 22.04.
---
updated-dependencies:
- dependency-name: ubuntu
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit d85952d6a0
2023-01-17 18:15:24 -08:00
8c2147a684
Bump alpine from 3.16 to 3.17 in /conformance ( #6687 )
...
Bumps alpine from 3.16 to 3.17.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit e53500f37f
2023-01-17 18:15:24 -08:00
dc53acb3bc
Bump alpine from 3.16 to 3.17 in /package ( #6688 )
...
Bumps alpine from 3.16 to 3.17.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit c7151e8b61
2023-01-17 18:15:24 -08:00
f95e8ffbfa
Bump download artifact to v3 ( #6747 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-17 09:40:20 -08:00
6d43d65fb6
Bump containerd to v1.6.15-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-13 22:15:39 -08:00
45c337bb1f
Pass through default tls-cipher-suites
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-13 17:17:21 -08:00
de654222cb
Bump containerd to v1.6.14-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-04 13:16:52 -08:00
48e5d2af5b
Bump k3s-root version to v0.12.1
...
Adds support for loading compressed kernel modules
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-13 17:39:11 -08:00
a6684bd5d8
Preload iptable_filter/ip6table_filter
...
ServiceLB now requires this module, but it will not get autoloaded by the kubelet if the host is using nftables.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-13 17:39:11 -08:00
7f6e1d1552
Bump containerd to v1.6.12
...
Also bump containerd client module to v1.5.16-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-09 17:33:00 -08:00
e732686586
Update to v1.25.5-k3s1 ( #6622 )
2022-12-08 22:13:09 -06:00
457e5e7379
Update install.sh to recommend current version of k3s-selinux
...
Signed-off-by: Klaas Demter <re4il07t@duck.com>
2022-12-05 11:52:33 -08:00
95bb3dce97
adding expanded release docs ( #6237 )
...
Signed-off-by: matttrach <matttrach@gmail.com>
2022-12-02 16:27:02 -06:00
b255b07de2
Remove nodejs12 based GH actions ( #6593 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-12-02 09:07:21 -08:00
9d8260a3f6
Add ADR for security bumps automation ( #6559 )
...
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2022-12-02 12:06:34 -05:00
091017d8c2
Update flannel to v0.20.2
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2022-12-01 22:21:58 +01:00
2835368ecb
Bump k3s-root and remove embedded strongswan support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-01 12:40:40 -08:00
af8f101bdc
Mark secrets-encryption flag as GA ( #6582 )
...
* Mark secrets-encrypt flag as GA
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-12-01 08:50:51 -08:00
915c7719fe
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:09:32 -08:00
2a496d4fd3
Bump metrics-server to v0.6.2
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:09:32 -08:00
1eeea5c81f
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:09:32 -08:00
d539a0a124
Sync packaged component Deployment config
...
Don't override replicas; set revisionHistoryLimit and strategy
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:09:32 -08:00
e08a662509
Disable CCM metrics port when legacy CCM functionality is disabled
...
Prevents port conflicts on upgrade for users that have deployed other cloud controllers.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-30 15:08:31 -08:00
953c7699b4
Fix artifact upload with `aws s3 cp`; update secret
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-28 12:38:56 -08:00
16fa128e96
Fix passing AWS creds through Dapper
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-28 10:59:42 -08:00
4e2e91e089
Switch from Google Buckets to AWS S3 Buckets ( #6497 )
...
* Add python pip pakacge to install aws cli
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Upload build artifacts to aws s3 instead of gcp bucket
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Upload logs to aws s3 instead of google buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Replace gcloud auth with aws credentials for artifact uploading to buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Replace usage of google bucket with aws s3 buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
2022-11-28 19:27:43 +02:00
Brad Davidson