Pedro Tashima
d973fadbed
Update to v1.29.4 ( #9960 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
2024-04-16 19:57:56 -03:00
Roberto Bonafiglia
81cd630f87
Update kube-router to v2.1.0
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-04-12 09:00:57 +02:00
Brad Davidson
fe465cc832
Move etcd snapshot management CLI to request/response
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 15:21:26 -07:00
Brad Davidson
0792461885
Bump containerd and cri-dockerd
...
Bump containerd to v1.7.15
Bump cri-dockerd to v0.3.12
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 11:09:30 -07:00
Derek Nola
9846a72e92
Bump spegel to v0.0.20-k3s1 ( #9863 )
...
* Bump spegel to v0.0.20-k3s1
* Remove deprecated libp2p Pretty function
* Remove quic-go pin
Pinned version is now out of date, indirect dependencies are now newer, with CVE issue fixed
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-04-05 08:43:19 -07:00
Brad Davidson
7f659759dd
Add certificate expiry check and warnings
...
* Add ADR
* Add `k3s certificate check` command.
* Add periodic check and events when certs are about to expire.
* Add metrics for certificate validity remaining, labeled by cert subject
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-28 12:05:21 -07:00
Derek Nola
6a42c6fcfe
Remove old pinned dependencies ( #9806 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:09:48 -07:00
Derek Nola
14f54d0b26
Transition from deprecated pointer library to ptr ( #9801 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:07:02 -07:00
Vitor Savian
5d69d6e782
Add tls for kine
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
Bump kine
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
Add integration tests for kine with tls
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-03-28 11:12:07 -03:00
Brian Downs
8aecc26b0f
Update to v1.29.3-k3s1 and Go 1.21.8 ( #9747 )
2024-03-17 13:33:54 -07:00
Tal Yitzhak
2c4773a5aa
chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto ( #9513 )
...
Signed-off-by: Tal Yitzhak <taly@lightrun.com>
Co-authored-by: Tal Yitzhak <taly@lightrun.com>
2024-03-05 10:56:38 -08:00
Philip Laine
26feb25c40
Bump spegel to v0.0.18-k3s4
...
Signed-off-by: Philip Laine <philip.laine@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
Brad Davidson
109e3e454c
Bump helm-controller/klipper-helm versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 13:55:36 -08:00
Brooks Newberry
3e13e3619c
Update Kubernetes to v1.29.2 ( #9493 )
...
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-02-15 12:48:20 -08:00
Brad Davidson
de825845b2
Bump kine and set NotifyInterval to what the apiserver expects
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-09 14:22:38 -08:00
Derek Nola
fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA ( #9340 )
...
* Reorder copy order for caching
* Enable longer http timeout requests
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Setup reencrypt controller to run on all apiserver nodes
* Fix reencryption for disabling secrets encryption, reenable drone tests
2024-02-09 11:37:37 -08:00
Roberto Bonafiglia
cc04edf05f
Update Kube-router to v2.0.1
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-02-09 20:14:51 +01:00
Brad Davidson
9e076db724
Bump cri-dockerd
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-07 10:23:54 -08:00
Manuel Buil
950473e35f
Bump flannel version
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-02-07 10:19:06 +01:00
Brad Davidson
57482a1c1b
Bump helm-controller to fix issue with ChartContent
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-02 12:39:51 -08:00
Brad Davidson
c635818956
Bump runc and helm-controller versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 18:51:51 -08:00
Pedro Tashima
d8907ce62c
Update to v1.29.1 ( #9259 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2024-01-18 10:15:18 -03:00
Derek Nola
5303aa60e9
Fix nonexistent dependency repositories ( #9213 )
...
* Fix nonexistent dependency repositories
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Restore matching go.sum
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-01-11 11:01:49 -08:00
Brad Davidson
c5a299d0ed
Bump quic-go for CVE-2023-49295
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 10:09:33 -08:00
Brad Davidson
37e9b87f62
Add embedded registry implementation
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson
db7091b3f6
Handle logging flags when parsing kube-proxy args
...
Also adds a test to ensure this continues to work.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 16:23:03 -08:00
Pierre
bbd68f3a50
Rebase & Squash ( #9070 )
...
Signed-off-by: Yodo <pierre@azmed.co>
2024-01-02 12:05:36 -08:00
Hussein Galal
9411196406
Update flannel to v0.24.0 and remove multiclustercidr flag ( #9075 )
...
* update flannel to v0.24.0
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* remove multiclustercidr flag
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
---------
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-12-20 00:25:38 +02:00
Hussein Galal
7101af36bb
Update Kubernetes to v1.29.0+k3s1 ( #9052 )
...
* Update to v1.29.0
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Update to v1.29.0
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Update go to 1.21.5
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* update golangci-lint
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* update flannel to 0.23.0-k3s1
This update uses k3s' fork of flannel to allow the removal of
multicluster cidr flag logic from the code
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix flannel calls
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* update cri-tools to version v1.29.0-k3s1
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Remove GOEXPERIMENT=nounified from arm builds
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Skip golangci-lint
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix setup logging with newer go version
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Move logging flags to components arguments
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* add sysctl commands to the test script
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Update scripts/test
Signed-off-by: Brad Davidson <brad@oatmail.org>
* disable secretsencryption tests
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
---------
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad@oatmail.org>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2023-12-19 05:14:02 +02:00
Brad Davidson
71a3c35fb7
Bump containerd to v1.7.11
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-12-11 17:04:52 -08:00
Brad Davidson
b9c288f702
Bump containerd/runc to v1.7.10-k3s1/v1.1.10
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-12-08 18:17:19 -08:00
Johnatas
3f23723035
Update to v1.28.4 ( #8920 )
...
Signed-off-by: Johnatas <johnatas.santos@suse.com>
2023-11-22 15:01:45 -03:00
Brad Davidson
3a6284e2b9
Bump dynamiclistener to fix secret sync race
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-17 10:09:01 -08:00
Brad Davidson
6c544a4679
Add jitter to client config retry
...
Also:
* Replaces labeled for/continue RETRY loops with wait helpers for improved readability
* Pulls secrets and nodes from cache for node password verification
* Migrate nodepassword tests to wrangler mocks for better code reuse
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-16 09:53:28 -08:00
Brad Davidson
32a1efa408
Bump kine to fix multiple issues
...
Ref: https://github.com/k3s-io/kine/releases/tag/v0.11.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-14 15:50:56 -08:00
Johnatas
6aef26e94b
Update to v1.28.3 ( #8682 )
2023-10-19 16:54:48 -07:00
Sean Yen
0c9bf36fe0
[K3s][Windows Port] Build script, multi-call binary, and Flannel ( #7259 )
...
* initial windows port.
Signed-off-by: Sean Yen <seanyen@microsoft.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Wei Ran <weiran@microsoft.com>
2023-10-16 14:53:09 -04:00
Brad Davidson
3abc8b82ed
Bump traefik, golang.org/x/net, google.golang.org/grpc
...
Fixes exposure to CVE-2023-39325
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-13 09:45:54 -07:00
Brad Davidson
5fe4f6709a
Bump containerd to v1.7.7-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 14:46:26 -07:00
Roberto Bonafiglia
ad206310d1
Update kube-router
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-09-27 10:41:48 +02:00
Johnatas
6330a5b49c
Update to v1.28.2 and go v1.20.8 ( #8364 )
...
* Update to v1.28.2
Signed-off-by: Johnatas <johnatasr@hotmail.com>
* Bump containerd and stargz versions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Print message on upgrade fail
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Send Bad Gateway instead of Service Unavailable when tunnel dial fails
Works around new handling for Service Unavailable by apiserver aggregation added in kubernetes/kubernetes#119870
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Add 60 seconds to server upgrade wait to account for delays in apiserver readiness
Also change cleanup helper to ensure upgrade test doesn't pollute the
images for the rest of the tests.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
---------
Signed-off-by: Johnatas <johnatasr@hotmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-19 10:18:47 -03:00
Brad Davidson
550dd0578f
Bump kine to v0.10.3
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-08 13:01:59 -07:00
Derek Nola
2cb7023660
Use already imported semver, bump kine
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-25 14:17:00 -06:00
Hussein Galal
62db5fa27c
Update to v1.28.1 ( #8239 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-08-24 23:27:06 +03:00
Hussein Galal
af50e1b096
Update to v1.28.0-k3s1 ( #8199 )
...
* Update to v1.28.0
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Update golang to v1.20.7
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more changes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* update wrangler
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* update wrangler
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix nodepassword test
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix nodepassword test
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* disable CGO before running golangci-lint
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* execlude CGO Enabled checks
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Ignore reapply change error with logging
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Update google api client
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
---------
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-08-23 00:09:31 +03:00
Manuel Buil
e31f00f863
Move flannel to 0.22.2
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-08-18 09:11:30 +02:00
Brad Davidson
84ded911e9
Bump helm-controller/klipper-helm versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-15 22:24:12 -07:00
Brad Davidson
66bae3e326
Bump dynamiclistener for init deadlock fix
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-15 16:36:12 -07:00
Brad Davidson
fd531140e5
Bump kine to v0.10.2
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-03 14:55:37 -07:00
Brad Davidson
23d6842f9a
Bump versions for etcd, containerd, runc, kine
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-03 01:26:10 -07:00