5a7f40dba3
Fix code spell check
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-04 15:53:34 +02:00
582f07cf3e
Missing backport for 1.25 ( #7818 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-22 17:04:44 -07:00
a0954e5d1e
Update Kubernetes to v1.25.11 ( #7788 )
...
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2023-06-15 06:59:32 -07:00
873fc1c77c
Merge pull request #7784 from manuelbuil/tailscaleFixes125
...
[Release 1.25] Fix logging and cleanup in Tailscale
2023-06-14 21:41:10 +02:00
8626667494
Fix the error report
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-14 19:17:48 +02:00
3777310270
Add commands to logout from tailscale
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-14 19:17:44 +02:00
d8aac17d5f
add format command on Makefile and remove vendor
...
This commit adds the format command to make it easier to be compliant to golangci-lint issues
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-06-14 13:34:21 -03:00
4e1ba3a087
Merge pull request #7758 from manuelbuil/removeLibvirtLines125
...
[Release 1.25] Remove unused libvirt config
2023-06-13 17:47:18 +02:00
21a7f5c845
Fix validatecluster e2e test
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-13 15:52:09 +02:00
c65dd08fed
Bump helm-controller to v0.15.0 for create-namespace support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-06-12 10:53:26 -07:00
03e3324902
Enable containerd aufs/devmapper/zfs snapshotter plugins
...
These were unintentionally dropped when moving containerd back into the main multicall binary
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e5e1a674ce
2023-06-12 10:53:26 -07:00
a645d3caf2
Improve error response logging
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5170bc5a04
2023-06-12 10:53:26 -07:00
3596d1891b
Soft-fail on node password verification if the secret cannot be created
...
Allows nodes to join the cluster during a webhook outage. This also
enhances auditability by creating Kubernetes events for the deferred
verification.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 45d8c1a1a2
2023-06-12 10:53:26 -07:00
b36b0c4c88
Make LB image configurable when compiling k3s
...
It is no way we can configure the lb image because it is a const value.
It would be better that we make it variable value and we can override
the value like the `helm-controller` job image when compiling k3s/rke2
Signed-off-by: Yuxing Deng <jxfa0043379@hotmail.com>
(cherry picked from commit b64a226ebd
2023-06-12 10:53:26 -07:00
8ca3262878
chore: Bump golang:alpine version
...
Made with ❤️ ️ by updatecli
(cherry picked from commit a5928ee137
2023-06-12 10:53:26 -07:00
3e22bec190
Add ADR
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 612473755d
2023-06-12 10:53:26 -07:00
29bc03305a
Create new kubeconfig for supervisor use
...
Only actual admin actions should use the admin kubeconfig; everything done by the supervisor/deploy/helm controllers will now use a distinct account for audit purposes.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 64a5f58f1e
2023-06-12 10:53:26 -07:00
ac6966145c
Use distinct clients for supervisor, deploy, and helm controllers
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 8748813a61
2023-06-12 10:53:26 -07:00
17c534022e
Bump metrics-server to v0.6.3 and update tls-cipher-suites
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e9958cf070
2023-06-12 10:53:26 -07:00
2c542f411c
Bump klipper-lb to v0.4.4
...
Fixes issue with localhost access to ServiceLB when
ExternalTrafficPolicy=Local
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 93279d2f59
2023-06-12 10:53:26 -07:00
928e625529
allow coredns override extensions
...
Signed-off-by: Andrew Roffey <andrew@roffey.au>
(cherry picked from commit 0485a56f33
2023-06-12 10:53:26 -07:00
a74e56fd05
Merge pull request #7752 from manuelbuil/fixSpelling125
...
[Release 1.25] Fix spelling test
2023-06-12 18:21:21 +02:00
75bd429059
Remove unused libvirt config
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 18:19:19 +02:00
37ec02c0f5
Fix spelling check
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 15:44:46 +02:00
cb114a2d91
Merge pull request #7728 from manuelbuil/tailscale125
...
[Release 1.25] VPN integration
2023-06-12 10:20:30 +02:00
98333e8a22
VPN integration
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 09:22:06 +02:00
077fd8b9b6
[Release-1.25] Add private registry e2e test ( #7722 )
...
* add private registry e2e test (#7653 )
add private registry e2e test
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
* E2E: Startup test cleanup + RunCommand Enhancement (#7388 )
* Add beforesuite to startup
* Reduce timeouts for startup
* Fix cleanup + set kubeconfig
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-06-09 13:09:58 -07:00
f089761921
Remove unnecessary daemonset addition/deletion
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
eb63c3bf04
E2E: Use sudo for all RunCmdOnNode
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
ed6e7b1c2c
Add Rotation certification Check ( #7097 )
...
* Add Certification Test to Validate Cluster
Signed-off-by: est-suse <esteban.esquivel@suse.com>
* Fix to stop/start for k3s certificate rotation
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: est-suse <esteban.esquivel@suse.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: est-suse <esteban.esquivel@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
a7521dab8b
Fix for longhorn integration test
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
e1ae6f0940
Shortcircuit commands with version or help flags ( #7683 )
...
* Shortcircuit search with help and version flag
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Keep functions seperate
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
474498c527
Bump vagrant libvirt with fix for plugin installs ( #7659 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-01 09:16:58 -07:00
42867c806b
Merge pull request #7649 from manuelbuil/flannel0220-1.25
...
[Release 1.25] Update flannel version
2023-05-31 11:41:19 +02:00
e7c148df3e
Update flannel version
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-05-31 08:44:33 +02:00
613a3bc8cb
Update to v1.25.10-k3s1 ( #7582 )
2023-05-18 10:24:33 -07:00
938c984de1
Merge pull request #7574 from manuelbuil/restartcluster125
...
[Release 1.25] Add '-all' flag to apply to inactive units
2023-05-18 15:46:12 +02:00
e3c3ecdf64
Add '-all' flag to apply to inactive units
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-05-17 18:53:49 +02:00
3ce8dd17c9
Merge pull request #7548 from manuelbuil/fixnetpollogs125
...
[Release 1.25] Wrap error stating that it is coming from netpol
2023-05-15 16:33:33 +02:00
0b14452817
Wrap error stating that it is coming from netpol
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-05-15 09:44:26 +02:00
a41015abe5
Bump containerd/runc to v1.7.1-k3s1/v1.1.7
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-11 14:53:37 -07:00
eff951b567
Bump helm-controller version for repo auth/ca support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-10 15:18:54 -07:00
a0891cab16
Consistently use constant-time comparison of password hashes
...
As per https://github.com/golang/go/issues/47001 even subtle.ConstantTimeCompare should never be used with variable-length inputs, as it will return 0 if the lengths do not match. Switch to consistently using constant-time comparisons of hashes for password checks to avoid any possible side-channel leaks that could be combined with other vectors to discover password lengths.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 239021e759
2023-05-10 15:18:54 -07:00
e0f01f1ca2
Bump kine to v0.10.1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit b32bf49541
2023-05-10 15:18:54 -07:00
caf88e5b37
Fix token startup test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit c98137ddca
2023-05-10 15:18:54 -07:00
e3a67ac40a
Fail to validate server tokens that use bootstrap id/secret format
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit cf9ebb3259
2023-05-10 15:18:54 -07:00
5227fe8cd5
Bump cni plugins to v1.2.0-k3s1
...
Also add bandwidth and firewall plugins. The bandwidth plugin is
automatically registered with the appropriate capability, but the
firewall plugin must be configured by the user if they want to use it.
Ref: https://www.cni.dev/plugins/current/meta/firewall/
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit cedefeff24
2023-05-10 15:18:54 -07:00
fc058fdcdb
Fix MemberList error handling and incorrect etcd-arg passthrough
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e61fde93c1
2023-05-10 15:18:54 -07:00
3e5fa68be6
Retry cluster join on "too many learners" error
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 91afb38799
2023-05-10 15:18:54 -07:00
95f5069514
Fix stack log on panic
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f1b6a3549c
2023-05-10 15:18:54 -07:00
Manuel Buil