Edgar Lee
0ac4c6a056
Expose rootless containerd socket directories for external access
...
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2024-02-09 14:22:03 -08:00
Edgar Lee
14c6c63b30
Expose rootless state dir under ~/.rancher/k3s/rootless
...
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2024-02-09 14:21:52 -08:00
Oleg Matskiv
e3b237fc35
Don't verify the node password if the local host is not running an agent
...
Signed-off-by: Oleg Matskiv <oleg.matskiv@gmail.com>
2024-02-09 14:21:43 -08:00
Mikhail Vorobyov
701e7e45ce
Fix iptables check when sbin isn't in user PATH
...
Signed-off-by: Mikhail Vorobyov <mikhail.vorobev@uni.lu>
2024-02-09 13:59:47 -08:00
Derek Nola
fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA ( #9340 )
...
* Reorder copy order for caching
* Enable longer http timeout requests
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Setup reencrypt controller to run on all apiserver nodes
* Fix reencryption for disabling secrets encryption, reenable drone tests
2024-02-09 11:37:37 -08:00
Oliver Larsson
cfc3a124ee
[Testing]: Test_UnitApplyContainerdQoSClassConfigFileIfPresent (Created) ( #8945 )
...
Problem:
Function not tested.
Solution:
Unit test added.
Signed-off-by: Oliver Larsson <larsson.e.oliver@gmail.com>
2024-02-09 11:28:06 -08:00
Roberto Bonafiglia
cc04edf05f
Update Kube-router to v2.0.1
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-02-09 20:14:51 +01:00
Harrison Affel
a36cc736bc
allow executors to define containerd and docker behavior
...
Signed-off-by: Harrison Affel <harrisonaffel@gmail.com>
2024-02-09 15:51:35 -03:00
Derek Nola
b1323935dc
Add codcov secret for integration tests on Push ( #9422 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-08 09:01:36 -08:00
Brad Davidson
753c00f30c
Consistently handle component exit on shutdown
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-07 10:23:54 -08:00
Brad Davidson
9e076db724
Bump cri-dockerd
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-07 10:23:54 -08:00
Vitor Savian
e9cec46a23
Runtimes refactor using exec.LookPath
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-02-07 15:06:16 -03:00
Vitor Savian
f9ee66f4d8
Changed how lastHeartBeatTime works in the etcd condition
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-02-07 15:05:33 -03:00
Paulo Gomes
358c4d6aa9
build: Align drone base images ( #8959 )
...
Align the base images used in drone with the images used across the
ecosystem.
Signed-off-by: Paulo Gomes <paulo.gomes@suse.com>
2024-02-07 09:25:06 -08:00
Manuel Buil
950473e35f
Bump flannel version
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-02-07 10:19:06 +01:00
Brad Davidson
8224a3a7f6
Fix ipv6 endpoint address selection for on-demand snapshots
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 18:02:36 -08:00
Brad Davidson
888f866dae
Fix issue with coredns node hosts controller
...
The nodes controller was reading from the configmaps cache, but doesn't add any handlers, so if no other controller added configmap handlers, the cache would remain empty.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 18:02:06 -08:00
Brad Davidson
77ba9904d1
Bump CNI plugins to v1.4.0
...
Ref: https://github.com/rancher/plugins/compare/v1.3.0-k3s1...v1.4.0-k3s2
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 17:49:14 -08:00
Brad Davidson
6ec1926f88
Add check for etcd-snapshot-dir and fix panic in Walk
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 17:47:33 -08:00
Brad Davidson
82e3c32c9f
Retry startup snapshot reconcile
...
The reconcile may run before the kubelet has created the node object; retry until it succeeds
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 17:46:24 -08:00
Brad Davidson
4005600d4e
Fix excessive retry on snapshot reconcile
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-06 17:46:24 -08:00
Pedro Tashima
6a57db553f
update channel ( #9388 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2024-02-06 22:14:52 -03:00
dependabot[bot]
5c92345423
Bump codecov/codecov-action from 3 to 4 ( #9353 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-06 16:33:59 -08:00
github-actions[bot]
a324146b76
Bump Trivy version ( #9237 )
...
* chore: Bump Trivy version
Made with ❤️ ️ by updatecli
* chore: Bump Trivy version
Made with ❤️ ️ by updatecli
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-02-06 16:33:34 -08:00
Derek Nola
fcd1108e73
Add ability to install K3s PR Artifact from GitHub ( #9185 )
...
* Add support for INSTALL_K3s_PR
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Add sha256sum to K3s PR artifacts
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Update install sha256sum
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Revert whitespace changes
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-06 16:30:12 -08:00
github-actions[bot]
f249fcc2f1
Bump Local Path Provisioner version ( #8953 )
...
* chore: Bump Local Path Provisioner version
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-02-06 16:57:07 -06:00
Brad Davidson
57482a1c1b
Bump helm-controller to fix issue with ChartContent
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-02 12:39:51 -08:00
Brad Davidson
c635818956
Bump runc and helm-controller versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 18:51:51 -08:00
Brad Davidson
97a22632b9
gofmt config_test.go
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 18:51:51 -08:00
Brad Davidson
29848dea3d
Fix issues with certs.d template generation
...
* Fix issue with bare host or IP as endpoint
* Fix issue with localhost registries not defaulting to http.
* Move the registry template prep to a separate function,
and adds tests of that function so that we can ensure we're
generating the correct content.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 12:09:13 -08:00
caroline-suse-rancher
6d77b7a920
Merge pull request #9278 from k3s-io/cdavis-stale-action
...
New stale action
2024-01-19 17:43:08 -05:00
caroline-suse-rancher
2d98c44fb3
Delete old stalebot
...
delete .github/stale.yml
Signed-off-by: caroline-suse-rancher <caroline.davis@suse.com>
2024-01-19 16:06:18 -05:00
caroline-suse-rancher
cef7e9e2dc
New stale action
...
This PR adds a new github stale action. This will replace our previous (and now deprecated) stalebot. Two notable differences are that issues will now go stale after 45 days of inactivity, and the most commonly used priority labels have been added for exemption.
Docs and list of inputs for stale action for reference here.
Signed-off-by: caroline-suse-rancher <caroline.davis@suse.com>
2024-01-19 16:04:46 -05:00
Pedro Tashima
d8907ce62c
Update to v1.29.1 ( #9259 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2024-01-18 10:15:18 -03:00
Vitor Savian
9a70021a9e
Error getting node in setEtcdStatusCondition
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
Added retry and changed nodes for
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-01-11 22:06:36 -03:00
Brad Davidson
c87e6e5f7e
Move proxy dialer out of init() and fix crash
...
* Fixes issue where proxy support only honored server address via K3S_URL, not CLI or config.
* Fixes crash when agent proxy is enabled, but proxy env vars do not return a proxy URL for the server address (server URL is in NO_PROXY list).
* Adds tests
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 16:12:15 -08:00
Derek Nola
5303aa60e9
Fix nonexistent dependency repositories ( #9213 )
...
* Fix nonexistent dependency repositories
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Restore matching go.sum
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-01-11 11:01:49 -08:00
Brad Davidson
76fa022045
Enable network policy controller metrics
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 10:19:39 -08:00
Brad Davidson
c5a299d0ed
Bump quic-go for CVE-2023-49295
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 10:09:33 -08:00
Brad Davidson
6072476432
Add e2e test for embedded registry mirror
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
37e9b87f62
Add embedded registry implementation
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
ef90da5c6e
Add server CLI flag and config fields for embedded registry
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
b8f3967ad1
Add ADR for embedded registry
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
77846d63c1
Propagate errors up from config.Get
...
Fixes crash when killing agent while waiting for config from server
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
16d29398ad
Move registries.yaml load into agent config
...
Moving it into config.Agent so that we can use or modify it outside the context of containerd setup
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
5c99bdd9bd
Pin images instead of locking layers with lease
...
Layer leases never did what we wanted anyways, and this is the new approved interface for ensuring that images do not get GCd
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Ian Cardoso
df5e983fc8
add e2e startup test for rootless k3s ( #8383 )
...
* add test for rootless k3s
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
* fix comments
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
* Cleanup rootless e2e test, simplify logic
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2024-01-09 10:39:54 -08:00
ShylajaDevadiga
64dbbba996
update s3 e2e test ( #9025 )
...
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
Co-authored-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
2024-01-09 10:29:32 -08:00
Vitor Savian
4a92ced8ee
Handle etcd status condition when cluster reset and disable etcd
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
Set condition if node is unhealthy
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-01-09 11:20:41 -03:00
Aofei Sheng
8d2c40cdac
Use `ipFamilyPolicy: RequireDualStack` for dual-stack kube-dns ( #8984 )
...
Signed-off-by: Aofei Sheng <aofei@aofeisheng.com>
2024-01-09 00:44:03 +02:00