External CLI actions cannot short-circuit on --help or --version, so we
cannot skip loading the config file if these flags are present when
running these wrapped commands. The behavior of just returning the
override flag name instead of the requested flag value was breaking
data-dir lookup when running wrapped commands.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit ff5c633fe7)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Maintain a separate dir for CNI binaries so that additional plugins can be installed in a predictable location that does not change every time k3s is upgraded.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit ed14f7f863)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
This was only used to pass the bundled strongswan path through to the flannel ipsec backend, and is no longer needed. Ref: #719
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* initial windows port.
Signed-off-by: Sean Yen <seanyen@microsoft.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Wei Ran <weiran@microsoft.com>
* Consolidate NewCertCommands
* Add support for user defined new token
* Add E2E testlets
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Ensure agent token also changes
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Bump go version to 1.20.3 to match upstream
* Bump cri-dockerd
* Bump golanci-lint
* go generate
* Bump selinux in cgroup test
* Bump to v1.27.1 tags
* Release documentation improvements
* Only run upgrade e2e test on PR
Signed-off-by: Derek Nola <derek.nola@suse.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
This command must be run on a server while the service is running. After this command completes, all the servers in the cluster should be restarted to load the new CA files.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Regular CLI framework for encrypt commands
* New secrets-encryption feature
* New integration test
* fixes for flaky integration test CI
* Fix to bootstrap on restart of existing nodes
* Consolidate event recorder
Signed-off-by: Derek Nola <derek.nola@suse.com>
We also need to be more careful about setting the crictl.yaml path,
as it doesn't have kubectl's nice behavior of checking multiple
locations. It's not safe to assume that it's in the user's home data-dir
just because we're not running as root.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Create a current symlink to artifact dir in DataDir
* Rename symlink to previous instead of current.prev...
Co-authored-by: Gaussen Benoît <benoit.gaussen@orange.com>
Because:
- Current CNI plugins produces an error on Raspbian:
`failed to create bridge \"cni0\": could not add \"cni0\": operation not supported"`
- Dependencies for CNI plugins may interfere with containerd dependencies.
This change will compile and download CNI plugins separately, and will
downgrade CNI plugins to v0.7.6 for compatability with armv7.