Commit Graph

3376 Commits (14eee80f699ad6921f847ed8366d174131266cfd)

Author SHA1 Message Date
dependabot[bot] 14eee80f69
Bump aquasecurity/trivy-action from 0.24.0 to 0.27.0 (#11105)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.24.0 to 0.27.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.24.0...0.27.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-16 12:22:17 -07:00
Derek Nola 4888376682
Fix Github Actions for Ubuntu-24.04 (#11112)
* Fix vagrant/libvirt composite action for ubuntu-24.04

* Don't ignore changes to internal actions

* Fix unit tests for ubuntu 24.04, new lsof version

* Pin os version for unit and E2E workflows

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-10-16 12:22:07 -07:00
manuelbuil 536fa44eb0 Revert "Make svclb as simple as possible"
This reverts commit 1befd65a0a.

Signed-off-by: manuelbuil <mbuil@suse.com>
2024-10-15 20:30:03 +02:00
Derek Nola a44cb16ce1
Rollback GHA to Ubuntu 22.04 (#11111)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-10-15 09:37:51 -07:00
github-actions[bot] 35fe4a14a3
chore: Bump Trivy version (#11103)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-10-15 09:00:19 -07:00
manuelbuil 054cec849f Add the nvidia runtime cdi
Signed-off-by: manuelbuil <mbuil@suse.com>
2024-10-11 21:38:21 +02:00
manuelbuil 660c6052c2 Make svclb as simple as possible
Signed-off-by: manuelbuil <mbuil@suse.com>
2024-10-11 10:52:47 +02:00
manuelbuil 65d9d06327 Remove svclb daemonset
Signed-off-by: manuelbuil <mbuil@suse.com>
2024-10-11 10:52:47 +02:00
Brad Davidson 430a7dc9d8 Bump containerd to v1.7.22
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-10 15:36:21 -07:00
Brad Davidson 7552203fc5 Bump helm-controller and klipper-helm
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-09 23:22:27 -07:00
Brad Davidson b0ad6d846d Bump local-path-provisioner to v0.0.30
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-09 19:49:35 -07:00
github-actions[bot] c00af8e95e chore: Bump Local Path Provisioner version
Made with ❤️️ by updatecli

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-09 14:06:21 -07:00
Brad Davidson 1ae9ca73f5 Update tcpproxy for import path change
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-09 11:46:08 -07:00
manuelbuil e475ba70b8 Add e2e test for advanced fields in services
Signed-off-by: manuelbuil <mbuil@suse.com>
2024-10-09 12:32:27 +02:00
Brad Davidson c6392c9ffc Fix issue that caused passwd file and psk to be regenerated when rotating CA certs
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-08 17:03:31 -07:00
Brad Davidson b1a42e5d43 Add ca-cert rotation integration test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-08 17:03:31 -07:00
github-actions[bot] e9c529530c
chore: Bump Trivy version (#10996)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-10-07 13:38:24 -07:00
Brad Davidson 0826ebc142 Fix race condition when multiple nodes reconcile S3 snapshots
Don't delete s3 etcdsnapshotfiles if they are missing from s3 but less than a minute old, its possible the other node just finished uploading it and the object key has not yet become visible.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-07 11:11:58 -07:00
Ludo Stellingwerff 38d13e03d9
Allow additional Rootless CopyUpDirs through K3S_ROOTLESS_COPYUPDIRS env variable (#10386)
Signed-off-by: Ludo Stellingwerff <ludo.stellingwerff@gmail.com>
2024-10-07 09:38:11 -07:00
Brad Davidson 0942e6a0c5 Fix sqlite endpoint when migrating from sqlite to etcd
Support for 'sqlite' as the endpoint was removed in
https://github.com/k3s-io/kine/pull/320 and the constant removed in
https://github.com/k3s-io/kine/pull/325

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-03 10:54:03 -07:00
Brad Davidson c9e7b05971 Bump kine
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-03 10:54:03 -07:00
Papiris f288ccea7e
Remove trailing whitespace (#9362)
* Remove trailing whitespace from install.sh

Signed-off-by: Papiris <contributions@ingeniorskap.no>

* Update install.sh.sha256sum

Signed-off-by: Papiris <contributions@ingeniorskap.no>

---------

Signed-off-by: Papiris <contributions@ingeniorskap.no>
2024-10-02 09:51:11 -07:00
jonarmani 7ca021ea89
Update README.md (#10523)
Half of 8 is 3, in a way.

Signed-off-by: jonarmani <3901100+jonarmani@users.noreply.github.com>
2024-10-02 09:50:45 -07:00
Derek Nola cd02fdfa39
Bump to new wharfie version (#10971)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-10-02 08:58:08 -07:00
Vitor Savian 1ff43bf07f Add user path to runtimes search
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-10-02 09:52:11 -03:00
Derek Nola ab89363e18
Fix trivy vex line (#10970)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-10-01 15:06:49 -07:00
Guilherme Macedo 0553a1a1d9
Pass Rancher's VEX report to Trivy to remove known false-positives CVEs (#10956)
Signed-off-by: Guilherme Macedo <guilherme@gmacedo.com>
2024-10-01 17:20:35 -04:00
Brad Davidson 6c6d87d1b0 Bump traefik to chart 27.0.2 / appVersion v2.11.10
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-30 12:49:18 -07:00
github-actions[bot] a809749edc
chore: Bump Trivy version (#10924)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-30 12:40:13 -07:00
Derek Nola 2739f50d77
Trivy workflow: Checkout repo to use gh cli (#10949)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-25 13:20:26 -07:00
Derek Nola 97e8486032
Fix trivy report download (#10943)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-25 10:09:09 -07:00
Brad Davidson cda31ebd67 Bump kine to v0.13.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-25 10:02:04 -07:00
Derek Nola 3a268acb78
Check k3s-io organization membership not team membership for trivy scans (#10940)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 14:37:32 -07:00
Derek Nola 6731f4a70d
Fix getMembershipForUserInOrg call (#10937)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 13:06:27 -07:00
Derek Nola 005711fad6
Breakup trivy scan and check comment author (#10935)
* Check comment author on trivy scan
* Breakup trivy workflow for better permission security

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 12:10:31 -07:00
Brad Davidson ed14f7f863 Use static CNI bin dir
Maintain a separate dir for CNI binaries so that additional plugins can be installed in a predictable location that does not change every time k3s is upgraded.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-23 11:31:54 -07:00
Brooks Newberry ea5add3c3b
update stable channel tov1.30.5+k3s1 (#10921) 2024-09-23 07:10:06 -07:00
Robert Silén 40eda6a823
Add MariaDB to E2E (#10724)
* add mariadb to Validate and Upgrade E2E tests

Signed-off-by: robertsilen <robert.silen@iki.fi>
Signed-off-by: Robert Silén <robert.silen@iki.fi>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2024-09-19 08:40:02 -07:00
Brooks Newberry 7d66fa7ffa update kubernetes to v1.31.1-k3s3
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-09-18 10:47:29 -07:00
github-actions[bot] e6d1cf1009
chore: Bump Trivy version (#10899)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-17 10:03:23 -07:00
Manuel Buil 483d76b34a Add int test for flannel-ipv6masq
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-09-17 12:00:33 +02:00
github-actions[bot] 13612ef376
chore: Bump Trivy version (#10863)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-12 09:37:49 -07:00
Brad Davidson d6c20b7452 Fix hosts.toml header var
Resolves issue from 270f85e468 that prevented old hosts.toml files from being cleaned up.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-10 14:59:41 -07:00
Derek Nola 61c7011cab
Give good report if no CVEs found in trivy (#10853)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-06 14:58:26 -07:00
Arne Winter c4c11e51f1
add node-internal-dns/node-external-dns address pass-through support (#10852)
* add --node-internal-dns and --node-external-dns

Signed-off-by: Arne Winter <github@arnewinter.dev>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2024-09-06 14:15:19 -07:00
Derek Nola 216c3671b7
Remove otelgrpc pinned dependency (#10799)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-06 10:56:55 -07:00
Brad Davidson 270f85e468 Only clean up containerd hosts dirs managed by k3s
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 17:21:55 -07:00
Brad Davidson 378edb939d Tag PR image build as latest before scanning
This is less effort than passing the tag across steps 🤷‍♂️

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 15:21:56 -07:00
Brad Davidson 662799feec Bump helm-controller for skip-verify/plain-http and updated tolerations
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 15:21:42 -07:00
Brad Davidson d746073bd0 Bump containerd to v1.7.21, runc to v1.1.14
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 11:03:31 -07:00