Brad Davidson
1ae9ca73f5
Update tcpproxy for import path change
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
manuelbuil
e475ba70b8
Add e2e test for advanced fields in services
...
Signed-off-by: manuelbuil <mbuil@suse.com>
2 months ago
Brad Davidson
c6392c9ffc
Fix issue that caused passwd file and psk to be regenerated when rotating CA certs
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
Brad Davidson
b1a42e5d43
Add ca-cert rotation integration test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
github-actions[bot]
e9c529530c
chore: Bump Trivy version ( #10996 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2 months ago
Brad Davidson
0826ebc142
Fix race condition when multiple nodes reconcile S3 snapshots
...
Don't delete s3 etcdsnapshotfiles if they are missing from s3 but less than a minute old, its possible the other node just finished uploading it and the object key has not yet become visible.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
Ludo Stellingwerff
38d13e03d9
Allow additional Rootless CopyUpDirs through K3S_ROOTLESS_COPYUPDIRS env variable ( #10386 )
...
Signed-off-by: Ludo Stellingwerff <ludo.stellingwerff@gmail.com>
2 months ago
Brad Davidson
0942e6a0c5
Fix sqlite endpoint when migrating from sqlite to etcd
...
Support for 'sqlite' as the endpoint was removed in
https://github.com/k3s-io/kine/pull/320 and the constant removed in
https://github.com/k3s-io/kine/pull/325
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
Brad Davidson
c9e7b05971
Bump kine
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
Papiris
f288ccea7e
Remove trailing whitespace ( #9362 )
...
* Remove trailing whitespace from install.sh
Signed-off-by: Papiris <contributions@ingeniorskap.no>
* Update install.sh.sha256sum
Signed-off-by: Papiris <contributions@ingeniorskap.no>
---------
Signed-off-by: Papiris <contributions@ingeniorskap.no>
2 months ago
jonarmani
7ca021ea89
Update README.md ( #10523 )
...
Half of 8 is 3, in a way.
Signed-off-by: jonarmani <3901100+jonarmani@users.noreply.github.com>
2 months ago
Derek Nola
cd02fdfa39
Bump to new wharfie version ( #10971 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2 months ago
Vitor Savian
1ff43bf07f
Add user path to runtimes search
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2 months ago
Derek Nola
ab89363e18
Fix trivy vex line ( #10970 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2 months ago
Guilherme Macedo
0553a1a1d9
Pass Rancher's VEX report to Trivy to remove known false-positives CVEs ( #10956 )
...
Signed-off-by: Guilherme Macedo <guilherme@gmacedo.com>
2 months ago
Brad Davidson
6c6d87d1b0
Bump traefik to chart 27.0.2 / appVersion v2.11.10
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
github-actions[bot]
a809749edc
chore: Bump Trivy version ( #10924 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2 months ago
Derek Nola
2739f50d77
Trivy workflow: Checkout repo to use gh cli ( #10949 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2 months ago
Derek Nola
97e8486032
Fix trivy report download ( #10943 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2 months ago
Brad Davidson
cda31ebd67
Bump kine to v0.13.0
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
Derek Nola
3a268acb78
Check k3s-io organization membership not team membership for trivy scans ( #10940 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2 months ago
Derek Nola
6731f4a70d
Fix getMembershipForUserInOrg call ( #10937 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2 months ago
Derek Nola
005711fad6
Breakup trivy scan and check comment author ( #10935 )
...
* Check comment author on trivy scan
* Breakup trivy workflow for better permission security
Signed-off-by: Derek Nola <derek.nola@suse.com>
2 months ago
Brad Davidson
ed14f7f863
Use static CNI bin dir
...
Maintain a separate dir for CNI binaries so that additional plugins can be installed in a predictable location that does not change every time k3s is upgraded.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 months ago
Brooks Newberry
ea5add3c3b
update stable channel tov1.30.5+k3s1 ( #10921 )
2 months ago
Robert Silén
40eda6a823
Add MariaDB to E2E ( #10724 )
...
* add mariadb to Validate and Upgrade E2E tests
Signed-off-by: robertsilen <robert.silen@iki.fi>
Signed-off-by: Robert Silén <robert.silen@iki.fi>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2 months ago
Brooks Newberry
7d66fa7ffa
update kubernetes to v1.31.1-k3s3
...
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2 months ago
github-actions[bot]
e6d1cf1009
chore: Bump Trivy version ( #10899 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2 months ago
Manuel Buil
483d76b34a
Add int test for flannel-ipv6masq
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2 months ago
github-actions[bot]
13612ef376
chore: Bump Trivy version ( #10863 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
3 months ago
Brad Davidson
d6c20b7452
Fix hosts.toml header var
...
Resolves issue from 270f85e468
that prevented old hosts.toml files from being cleaned up.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 months ago
Derek Nola
61c7011cab
Give good report if no CVEs found in trivy ( #10853 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
3 months ago
Arne Winter
c4c11e51f1
add node-internal-dns/node-external-dns address pass-through support ( #10852 )
...
* add --node-internal-dns and --node-external-dns
Signed-off-by: Arne Winter <github@arnewinter.dev>
Co-authored-by: Brad Davidson <brad@oatmail.org>
3 months ago
Derek Nola
216c3671b7
Remove otelgrpc pinned dependency ( #10799 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
3 months ago
Brad Davidson
270f85e468
Only clean up containerd hosts dirs managed by k3s
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 months ago
Brad Davidson
378edb939d
Tag PR image build as latest before scanning
...
This is less effort than passing the tag across steps 🤷♂️
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 months ago
Brad Davidson
662799feec
Bump helm-controller for skip-verify/plain-http and updated tolerations
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 months ago
Brad Davidson
d746073bd0
Bump containerd to v1.7.21, runc to v1.1.14
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 months ago
Brad Davidson
29e25a61e6
Add channel for v1.31
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 months ago
Derek Nola
36282dc39b
Launch private registry with init so the container can be killed on cleanup ( #10822 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
3 months ago
Brad Davidson
3d6e4a793a
Fix /trivy action running against target branch instead of PR branch
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 months ago
github-actions[bot]
de4bb2e13c
chore: Update sonobuoy image versions ( #10792 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
3 months ago
Roberto Bonafiglia
28ceeec489
Update CNI plugins version
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
3 months ago
dependabot[bot]
dacc636cf4
Bump aquasecurity/trivy-action from 0.20.0 to 0.24.0 ( #10795 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.20.0 to 0.24.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.20.0...0.24.0 )
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 months ago
Derek Nola
254c16fdd5
Cover edge case when on new minor release for E2E upgrade test ( #10781 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
3 months ago
Derek Nola
fa6940d03d
Add trivy scanning trigger for PRs ( #10758 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
3 months ago
Harsimran Singh Maan
0b4d2497e5
Update coredns to 1.11.3 and metrics-server to 0.7.2
...
Used https://github.com/coredns/corefile-migration to
migrate the corefile. There are no changes for the
default file from 1.10.1 to 1.11.3.
Notable plugin changes include the k8s_external with fallthrough option
and rewrite with cname_target option.
These changes are not part of the default config that ships
with k3s. Customers using these two plugins can start using the new options
Metrics does not have any new features other than build tooling updates.
Requires https://github.com/rancher/image-mirror/pull/704
Signed-off-by: Harsimran Singh Maan <maan.harry@gmail.com>
3 months ago
Brad Davidson
bd45aa5c45
Bump traefik to v2.11.8
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 months ago
Hussein Galal
9a69ecd58c
Update kubernetes to v1.31.0-k3s3 ( #10764 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
3 months ago
Derek Nola
85e02e10d7
Remove secrets encryption controller ( #10612 )
...
* Remove secrets encryption controller
Signed-off-by: Derek Nola <derek.nola@suse.com>
3 months ago