Commit Graph

366 Commits (16898462993f78b2f33c0c0a527a0fd3ca42ebd2)

Author SHA1 Message Date
Pedro Tashima d973fadbed
Update to v1.29.4 (#9960)
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
2024-04-16 19:57:56 -03:00
Roberto Bonafiglia 81cd630f87 Update kube-router to v2.1.0
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-04-12 09:00:57 +02:00
Brad Davidson fe465cc832 Move etcd snapshot management CLI to request/response
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 15:21:26 -07:00
Brad Davidson 0792461885 Bump containerd and cri-dockerd
Bump containerd to v1.7.15
Bump cri-dockerd to v0.3.12

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 11:09:30 -07:00
Derek Nola 9846a72e92
Bump spegel to v0.0.20-k3s1 (#9863)
* Bump spegel to v0.0.20-k3s1

* Remove deprecated libp2p Pretty function

* Remove quic-go pin
   Pinned version is now out of date,  indirect dependencies are now newer, with CVE issue fixed
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-04-05 08:43:19 -07:00
Brad Davidson 7f659759dd Add certificate expiry check and warnings
* Add ADR
* Add `k3s certificate check` command.
* Add periodic check and events when certs are about to expire.
* Add metrics for certificate validity remaining, labeled by cert subject

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-28 12:05:21 -07:00
Derek Nola 6a42c6fcfe
Remove old pinned dependencies (#9806)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:09:48 -07:00
Derek Nola 14f54d0b26
Transition from deprecated pointer library to ptr (#9801)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:07:02 -07:00
Vitor Savian 5d69d6e782 Add tls for kine
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

Bump kine

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

Add integration tests for kine with tls

Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-03-28 11:12:07 -03:00
Brian Downs 8aecc26b0f
Update to v1.29.3-k3s1 and Go 1.21.8 (#9747) 2024-03-17 13:33:54 -07:00
Tal Yitzhak 2c4773a5aa
chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto (#9513)
Signed-off-by: Tal Yitzhak <taly@lightrun.com>
Co-authored-by: Tal Yitzhak <taly@lightrun.com>
2024-03-05 10:56:38 -08:00
Philip Laine 26feb25c40 Bump spegel to v0.0.18-k3s4
Signed-off-by: Philip Laine <philip.laine@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
Brad Davidson 109e3e454c Bump helm-controller/klipper-helm versions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 13:55:36 -08:00
Brooks Newberry 3e13e3619c
Update Kubernetes to v1.29.2 (#9493)
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-02-15 12:48:20 -08:00
Brad Davidson de825845b2 Bump kine and set NotifyInterval to what the apiserver expects
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-09 14:22:38 -08:00
Derek Nola fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA (#9340)
* Reorder copy order for caching
* Enable longer http timeout requests

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Setup reencrypt controller to run on all apiserver nodes
* Fix reencryption for disabling secrets encryption, reenable drone tests
2024-02-09 11:37:37 -08:00
Roberto Bonafiglia cc04edf05f Update Kube-router to v2.0.1
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-02-09 20:14:51 +01:00
Brad Davidson 9e076db724 Bump cri-dockerd
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-07 10:23:54 -08:00
Manuel Buil 950473e35f Bump flannel version
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-02-07 10:19:06 +01:00
Brad Davidson 57482a1c1b Bump helm-controller to fix issue with ChartContent
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-02 12:39:51 -08:00
Brad Davidson c635818956 Bump runc and helm-controller versions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 18:51:51 -08:00
Pedro Tashima d8907ce62c
Update to v1.29.1 (#9259)
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2024-01-18 10:15:18 -03:00
Derek Nola 5303aa60e9
Fix nonexistent dependency repositories (#9213)
* Fix nonexistent dependency repositories

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Restore matching go.sum

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-01-11 11:01:49 -08:00
Brad Davidson c5a299d0ed Bump quic-go for CVE-2023-49295
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 10:09:33 -08:00
Brad Davidson 37e9b87f62 Add embedded registry implementation
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson db7091b3f6 Handle logging flags when parsing kube-proxy args
Also adds a test to ensure this continues to work.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 16:23:03 -08:00
Pierre bbd68f3a50
Rebase & Squash (#9070)
Signed-off-by: Yodo <pierre@azmed.co>
2024-01-02 12:05:36 -08:00
Hussein Galal 9411196406
Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
* update flannel to v0.24.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove multiclustercidr flag

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-12-20 00:25:38 +02:00
Hussein Galal 7101af36bb
Update Kubernetes to v1.29.0+k3s1 (#9052)
* Update to v1.29.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update to v1.29.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update go to 1.21.5

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update golangci-lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update flannel to 0.23.0-k3s1

This update uses k3s' fork of flannel to allow the removal of
multicluster cidr flag logic from the code

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix flannel calls

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update cri-tools to version v1.29.0-k3s1

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Remove GOEXPERIMENT=nounified from arm builds

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Skip golangci-lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix setup logging with newer go version

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Move logging flags to components arguments

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* add sysctl commands to the test script

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update scripts/test

Signed-off-by: Brad Davidson <brad@oatmail.org>

* disable secretsencryption tests

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad@oatmail.org>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2023-12-19 05:14:02 +02:00
Brad Davidson 71a3c35fb7 Bump containerd to v1.7.11
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-12-11 17:04:52 -08:00
Brad Davidson b9c288f702 Bump containerd/runc to v1.7.10-k3s1/v1.1.10
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-12-08 18:17:19 -08:00
Johnatas 3f23723035
Update to v1.28.4 (#8920)
Signed-off-by: Johnatas <johnatas.santos@suse.com>
2023-11-22 15:01:45 -03:00
Brad Davidson 3a6284e2b9 Bump dynamiclistener to fix secret sync race
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-17 10:09:01 -08:00
Brad Davidson 6c544a4679 Add jitter to client config retry
Also:
* Replaces labeled for/continue RETRY loops with wait helpers for improved readability
* Pulls secrets and nodes from cache for node password verification
* Migrate nodepassword tests to wrangler mocks for better code reuse

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-16 09:53:28 -08:00
Brad Davidson 32a1efa408 Bump kine to fix multiple issues
Ref: https://github.com/k3s-io/kine/releases/tag/v0.11.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-14 15:50:56 -08:00
Johnatas 6aef26e94b
Update to v1.28.3 (#8682) 2023-10-19 16:54:48 -07:00
Sean Yen 0c9bf36fe0
[K3s][Windows Port] Build script, multi-call binary, and Flannel (#7259)
* initial windows port.

Signed-off-by: Sean Yen <seanyen@microsoft.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Wei Ran <weiran@microsoft.com>
2023-10-16 14:53:09 -04:00
Brad Davidson 3abc8b82ed Bump traefik, golang.org/x/net, google.golang.org/grpc
Fixes exposure to CVE-2023-39325

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-13 09:45:54 -07:00
Brad Davidson 5fe4f6709a Bump containerd to v1.7.7-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 14:46:26 -07:00
Roberto Bonafiglia ad206310d1 Update kube-router
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-09-27 10:41:48 +02:00
Johnatas 6330a5b49c
Update to v1.28.2 and go v1.20.8 (#8364)
* Update to v1.28.2

Signed-off-by: Johnatas <johnatasr@hotmail.com>

* Bump containerd and stargz versions

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Print message on upgrade fail

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Send Bad Gateway instead of Service Unavailable when tunnel dial fails

Works around new handling for Service Unavailable by apiserver aggregation added in kubernetes/kubernetes#119870

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Add 60 seconds to server upgrade wait to account for delays in apiserver readiness

Also change cleanup helper to ensure upgrade test doesn't pollute the
images for the rest of the tests.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

---------

Signed-off-by: Johnatas <johnatasr@hotmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-19 10:18:47 -03:00
Brad Davidson 550dd0578f Bump kine to v0.10.3
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-08 13:01:59 -07:00
Derek Nola 2cb7023660 Use already imported semver, bump kine
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-25 14:17:00 -06:00
Hussein Galal 62db5fa27c
Update to v1.28.1 (#8239)
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-08-24 23:27:06 +03:00
Hussein Galal af50e1b096
Update to v1.28.0-k3s1 (#8199)
* Update to v1.28.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update golang to v1.20.7

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* more changes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update wrangler

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update wrangler

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix nodepassword test

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix nodepassword test

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* disable CGO before running golangci-lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* execlude CGO Enabled checks

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Ignore reapply change error with logging

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update google api client

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-08-23 00:09:31 +03:00
Manuel Buil e31f00f863 Move flannel to 0.22.2
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-08-18 09:11:30 +02:00
Brad Davidson 84ded911e9 Bump helm-controller/klipper-helm versions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-15 22:24:12 -07:00
Brad Davidson 66bae3e326 Bump dynamiclistener for init deadlock fix
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-15 16:36:12 -07:00
Brad Davidson fd531140e5 Bump kine to v0.10.2
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-03 14:55:37 -07:00
Brad Davidson 23d6842f9a Bump versions for etcd, containerd, runc, kine
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-03 01:26:10 -07:00