Brad Davidson
84ded911e9
Bump helm-controller/klipper-helm versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-15 22:24:12 -07:00
Brad Davidson
66bae3e326
Bump dynamiclistener for init deadlock fix
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-15 16:36:12 -07:00
Vitor Savian
e83b1ba4aa
Fixed the etcd retention to delete orphaned snapshots based on the date ( #8177 )
...
* Fix retention using name instead of date
Signed-off-by: Vitor <vitor.savian@suse.com>
2023-08-14 18:48:59 -03:00
github-actions[bot]
561db17a31
chore: Bump Trivy version ( #8178 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-08-14 10:21:27 -04:00
github-actions[bot]
38a0b91c1a
chore: Bump Trivy version ( #8150 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-08-10 15:44:45 -07:00
Derek Nola
7f58a1cb23
Run integration test CI in parallel ( #8156 )
...
* Run integration test CI in parallel
* Define go version in E2E
2023-08-10 13:55:30 -07:00
Vitor Savian
c97211866a
Fix for cluster-reset backup from s3 when etcd snapshots are disabled ( #8155 )
...
* Fixed when the user disable the etcd snapshots, but want to backup from s3
Signed-off-by: Vitor <vitor.savian@suse.com>
2023-08-10 12:23:10 -03:00
Derek Nola
9702f92345
Fix for Kubeflag Integration test ( #8154 )
...
* Use argument that doesn't require file
* Use build-k3s workflow in cgroup
* Bump timeout on integration tests
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-07 14:04:04 -07:00
Brad Davidson
b2e71553ce
Use VERSION_K8S in tests instead of grep go.mod
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-04 16:06:47 -07:00
Brad Davidson
bc332ac667
Use 'go list -m' instead of grep to look up versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-04 12:26:54 -07:00
Ian Cardoso
53fc3eef0a
add --disable-cloud-controller and --disable-kube-proxy test ( #8018 )
...
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-08-04 14:27:09 -03:00
Ian Cardoso
e551308db8
fix for etcd-snapshot delete with --etcd-s3 flag ( #8110 )
...
k3s etcd-snapshot save --etcd-s3 ... is creating a local snapshot and uploading it to s3 while k3s etcd-snapshot delete --etcd-s3 ... was deleting the snapshot only on s3 buckets, this commit change the behavior of delete to do it locally and on s3
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-08-04 14:26:32 -03:00
fmoral2
45bc26309f
Remove terraform test package ( #8136 )
...
Signed-off-by: Francisco <francisco.moral@suse.com>
2023-08-04 10:06:45 -03:00
Brad Davidson
fd531140e5
Bump kine to v0.10.2
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-03 14:55:37 -07:00
Vitor Savian
ca7aeed090
Etcd snapshots retention when node name changes ( #8099 )
...
Fixed the etcd retention to delete orphaned snapshots
Signed-off-by: Vitor <vitor.savian@suse.com>
2023-08-03 10:54:40 -03:00
Brad Davidson
23d6842f9a
Bump versions for etcd, containerd, runc, kine
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-03 01:26:10 -07:00
Brad Davidson
a0da8eded3
Bump docker/docker to master commit
...
Fixes issue with invalid HTTP host headers over unix sockets caused by
recent releases of golang rejecting invalid header values.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-02 11:34:11 -07:00
Brad Davidson
aa76942d0f
Add FilterCN function to prevent SAN Stuffing
...
Wire up a node watch to collect addresses of server nodes, to prevent adding unauthorized SANs to the dynamiclistener cert.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-02 11:15:39 -07:00
Manuel Buil
8c38d1169d
Merge pull request #8077 from manuelbuil/fixTailscale
...
Fix tailscale bug with ip modes
2023-08-02 11:42:20 +02:00
Ikko Eltociear Ashimine
3515d712a7
Fix typo in terraform/README.md ( #8090 )
...
Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com>
2023-08-01 14:15:08 -04:00
Derek Nola
a87b183f9c
E2E: Support GOCOVER for more tests + fixes ( #8080 )
...
* Add support for local build and go coverage to all E2E tests
* Remove unused EXTERNAL_DB from etcd tests
* Fix private reg test
* Add coverage to tailscale
* Cleanup unnecessary "sudo" in commands
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Add additonal s3 coverage clause
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-01 09:32:34 -07:00
Derek Nola
46cbbab263
Consolidate CopyFile functions ( #8079 )
...
* Consolidate CopyFile function
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Copy to File, not destination folder
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-01 08:55:34 -07:00
Manuel Buil
59eec78c62
Fix tailscale bug with ip modes
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-08-01 09:43:25 +02:00
Johnatas
468bddb59c
update stable channel to v1.27.4+k3s1 ( #8067 )
...
Signed-off-by: Johnatas <johnatas.santos@suse.com>
2023-07-31 18:17:51 -03:00
Hussein Galal
767b64ba58
Fix coreos multiple installs ( #8083 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-08-01 00:10:19 +03:00
Guilherme Macedo
cc9dce5764
Security bump to docker/distribution ( #8047 )
...
Signed-off-by: Guilherme Macedo <guilherme@gmacedo.com>
2023-07-31 17:02:39 -04:00
Brad Davidson
f21ae1d949
Make apiserver egress args conditional on egress-selector-mode
...
Only configure enable-aggregator-routing and egress-selector-config-file
if required by egress-selector-mode.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-07-31 13:59:41 -07:00
Simon Kirsten
546dc247a0
Add support for `{{ template "base" . }}` in etc/containerd/config.toml.tmpl ( #7991 )
...
Signed-off-by: Simon Kirsten <simonkirsten24@gmail.com>
2023-07-31 16:36:23 -04:00
Derek Nola
6d360e6473
Unit test for MustFindString ( #8013 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-31 10:22:34 -07:00
Derek Nola
946c8ea842
ADR on secrets encryption v3 ( #7938 )
...
* ADR on secrets encryption v3
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Update adr based off design meeting discussion
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Update with acceptance
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-31 10:20:48 -07:00
Manuel Buil
76e8e9789a
Merge pull request #8057 from manuelbuil/updateFlannel
...
Update flannel to v0.22.1
2023-07-31 10:56:40 +02:00
Manuel Buil
a37416f38c
Merge pull request #8056 from manuelbuil/update-cniPlugins
...
Update cni plugins version to v1.3.0
2023-07-31 10:56:27 +02:00
Manuel Buil
780e638099
Update flannel to v0.22.1
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-27 11:41:59 +02:00
Manuel Buil
e56839b329
Update cni plugins version to v1.3.0
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-27 11:37:28 +02:00
Pedro Tashima
36645e7311
fix update go version doc ( #8028 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2023-07-21 18:03:03 -03:00
Pedro Tashima
d8ae6ef59b
Update to v1.27.4 ( #8014 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2023-07-20 13:14:51 -03:00
Derek Nola
be44243353
Adjust default kubeconfig file permissions ( #7978 )
...
* Adjust default kubeconfig permissions
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-14 15:00:27 -07:00
Derek Nola
0b18a65d4f
Revert "Warn that v1.28 will deprecate reencrypt/prepare ( #7848 )"
...
This reverts commit 4ab01f3941
.
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-14 12:38:33 -07:00
Ian Cardoso
58a8deb25d
fix image_scan.sh script and download trivy version ( #7950 )
...
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-07-13 15:03:50 -03:00
Derek Nola
3eb4e12c3b
Don't use zgrep in `check-config` if apparmor porfile is enforced ( #7939 )
...
* Don't use zgrep if apparmor is enforced for it
* Bump e2e se timeouts for reencryption time
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-12 08:49:05 -07:00
Bartosz Lenart
34617390d0
Generation of certificates and keys for etcd gated if etcd is disabled. ( #6998 )
...
Problem:
When support for etcd was added in 3957142
, generation of certificates and keys for etcd was not gated behind use of managed etcd.
Keys are generated and distributed across servers even if managed etcd is not enabled.
Solution:
Allow generation of certificates and keys only if managed etc is enabled. Check config.DisableETCD flag.
Signed-off-by: Bartossh <lenartconsulting@gmail.com>
2023-07-11 10:24:35 -07:00
Johnatas
2eddfe6cf4
Add retry for clone step ( #7862 )
...
* Add retry for clone step
Signed-off-by: Johnatas <johnatas.santos@suse.com>
2023-07-07 14:33:57 -04:00
dependabot[bot]
782a3a1cb4
Bump google.golang.org/grpc from 1.51.0 to 1.53.0 in /tests/terraform ( #7879 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.51.0 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.53.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 09:19:57 -07:00
Derek Nola
8405813c12
Fix rootless node password ( #7887 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-07 09:14:49 -07:00
Johnatas
607320d670
Improve for K3s release Docs ( #7864 )
...
* Add changes in k3s release doc
Signed-off-by: Johnatas <johnatas.santos@suse.com>
* Get go version from .go-version file
Signed-off-by: Johnatas <johnatas.santos@suse.com>
* Update tags output
Signed-off-by: Johnatas <johnatas.santos@suse.com>
---------
Signed-off-by: Johnatas <johnatas.santos@suse.com>
2023-07-07 09:24:21 -03:00
Manuel Buil
6121e8cc8e
Merge pull request #7807 from dennwc/headscale
...
Support setting control server URL for Tailscale
2023-07-07 12:24:04 +02:00
Denys Smirnov
b9a2bf11ee
Support setting control server URL for Tailscale.
...
This change enables the use of Headscale - open source implementation of the Tailscale control server.
Signed-off-by: Denys Smirnov <dennwc@pm.me>
2023-07-07 10:49:01 +03:00
Derek Nola
4ab01f3941
Warn that v1.28 will deprecate reencrypt/prepare ( #7848 )
...
* Warn that v1.28 will deprecate reencrypt/prepare
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-06 12:34:51 -07:00
Manuel Buil
6c44b06e0a
Merge pull request #7838 from manuelbuil/ipv4ipv6tailscale
...
Check if we are on ipv4, ipv6 or dualStack when doing tailscale
2023-07-06 11:11:26 +02:00
Ian Cardoso
9e334153cf
add e2e s3 test ( #7833 )
...
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-07-05 17:35:44 -03:00