Commit Graph

376 Commits (7ef30a2c6099386d47264f36ec20ccf3ff40f317)

Author SHA1 Message Date
Brad Davidson 77407d0068 Bump klipper-helm image for tls secret support
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 6683fcdb65)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-31 09:16:55 -07:00
Brad Davidson 2434cfd46e Bump kine to v0.11.9 to fix pagination
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2669d67a9b)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-31 09:16:55 -07:00
Brad Davidson 30cf166b8a bump minio-go to v7.0.70
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit afdcc83afe)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-31 09:16:55 -07:00
Brad Davidson ef8bd94480 Bump spegel version
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5cf4d75749)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-31 09:16:55 -07:00
Brad Davidson ea66a4e8cb bump etcd to v3.5.13
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit bf8b15e7ae)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-31 09:16:55 -07:00
Brad Davidson 3056358e3d Bump containerd to v1.7.17
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit aaa578785c)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-31 09:16:55 -07:00
Roberto Bonafiglia e600877338 Update kube-router version to v2.1.2
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-05-28 15:21:54 +02:00
Thomas Ferrandiz 7ebc6903fa Use TrafficManager interface when calling flannel
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2024-05-28 07:58:19 +00:00
Thomas Ferrandiz 1ec25d8f64 Bump flannel version to v0.25.2
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2024-05-28 07:58:19 +00:00
Brian Downs 4e53a32306
Update to v1.29.5 (#10108) 2024-05-17 13:38:57 -07:00
Pedro Tashima d973fadbed
Update to v1.29.4 (#9960)
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
2024-04-16 19:57:56 -03:00
Roberto Bonafiglia 81cd630f87 Update kube-router to v2.1.0
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-04-12 09:00:57 +02:00
Brad Davidson fe465cc832 Move etcd snapshot management CLI to request/response
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 15:21:26 -07:00
Brad Davidson 0792461885 Bump containerd and cri-dockerd
Bump containerd to v1.7.15
Bump cri-dockerd to v0.3.12

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 11:09:30 -07:00
Derek Nola 9846a72e92
Bump spegel to v0.0.20-k3s1 (#9863)
* Bump spegel to v0.0.20-k3s1

* Remove deprecated libp2p Pretty function

* Remove quic-go pin
   Pinned version is now out of date,  indirect dependencies are now newer, with CVE issue fixed
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-04-05 08:43:19 -07:00
Brad Davidson 7f659759dd Add certificate expiry check and warnings
* Add ADR
* Add `k3s certificate check` command.
* Add periodic check and events when certs are about to expire.
* Add metrics for certificate validity remaining, labeled by cert subject

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-28 12:05:21 -07:00
Derek Nola 6a42c6fcfe
Remove old pinned dependencies (#9806)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:09:48 -07:00
Derek Nola 14f54d0b26
Transition from deprecated pointer library to ptr (#9801)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:07:02 -07:00
Vitor Savian 5d69d6e782 Add tls for kine
Signed-off-by: Vitor Savian <vitor.savian@suse.com>

Bump kine

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

Add integration tests for kine with tls

Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-03-28 11:12:07 -03:00
Brian Downs 8aecc26b0f
Update to v1.29.3-k3s1 and Go 1.21.8 (#9747) 2024-03-17 13:33:54 -07:00
Tal Yitzhak 2c4773a5aa
chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto (#9513)
Signed-off-by: Tal Yitzhak <taly@lightrun.com>
Co-authored-by: Tal Yitzhak <taly@lightrun.com>
2024-03-05 10:56:38 -08:00
Philip Laine 26feb25c40 Bump spegel to v0.0.18-k3s4
Signed-off-by: Philip Laine <philip.laine@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
Brad Davidson 109e3e454c Bump helm-controller/klipper-helm versions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 13:55:36 -08:00
Brooks Newberry 3e13e3619c
Update Kubernetes to v1.29.2 (#9493)
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-02-15 12:48:20 -08:00
Brad Davidson de825845b2 Bump kine and set NotifyInterval to what the apiserver expects
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-09 14:22:38 -08:00
Derek Nola fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA (#9340)
* Reorder copy order for caching
* Enable longer http timeout requests

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Setup reencrypt controller to run on all apiserver nodes
* Fix reencryption for disabling secrets encryption, reenable drone tests
2024-02-09 11:37:37 -08:00
Roberto Bonafiglia cc04edf05f Update Kube-router to v2.0.1
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-02-09 20:14:51 +01:00
Brad Davidson 9e076db724 Bump cri-dockerd
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-07 10:23:54 -08:00
Manuel Buil 950473e35f Bump flannel version
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-02-07 10:19:06 +01:00
Brad Davidson 57482a1c1b Bump helm-controller to fix issue with ChartContent
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-02 12:39:51 -08:00
Brad Davidson c635818956 Bump runc and helm-controller versions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-01 18:51:51 -08:00
Pedro Tashima d8907ce62c
Update to v1.29.1 (#9259)
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2024-01-18 10:15:18 -03:00
Derek Nola 5303aa60e9
Fix nonexistent dependency repositories (#9213)
* Fix nonexistent dependency repositories

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Restore matching go.sum

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-01-11 11:01:49 -08:00
Brad Davidson c5a299d0ed Bump quic-go for CVE-2023-49295
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-11 10:09:33 -08:00
Brad Davidson 37e9b87f62 Add embedded registry implementation
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Brad Davidson db7091b3f6 Handle logging flags when parsing kube-proxy args
Also adds a test to ensure this continues to work.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-04 16:23:03 -08:00
Pierre bbd68f3a50
Rebase & Squash (#9070)
Signed-off-by: Yodo <pierre@azmed.co>
2024-01-02 12:05:36 -08:00
Hussein Galal 9411196406
Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
* update flannel to v0.24.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove multiclustercidr flag

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-12-20 00:25:38 +02:00
Hussein Galal 7101af36bb
Update Kubernetes to v1.29.0+k3s1 (#9052)
* Update to v1.29.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update to v1.29.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update go to 1.21.5

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update golangci-lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update flannel to 0.23.0-k3s1

This update uses k3s' fork of flannel to allow the removal of
multicluster cidr flag logic from the code

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix flannel calls

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update cri-tools to version v1.29.0-k3s1

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Remove GOEXPERIMENT=nounified from arm builds

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Skip golangci-lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix setup logging with newer go version

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Move logging flags to components arguments

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* add sysctl commands to the test script

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update scripts/test

Signed-off-by: Brad Davidson <brad@oatmail.org>

* disable secretsencryption tests

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad@oatmail.org>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2023-12-19 05:14:02 +02:00
Brad Davidson 71a3c35fb7 Bump containerd to v1.7.11
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-12-11 17:04:52 -08:00
Brad Davidson b9c288f702 Bump containerd/runc to v1.7.10-k3s1/v1.1.10
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-12-08 18:17:19 -08:00
Johnatas 3f23723035
Update to v1.28.4 (#8920)
Signed-off-by: Johnatas <johnatas.santos@suse.com>
2023-11-22 15:01:45 -03:00
Brad Davidson 3a6284e2b9 Bump dynamiclistener to fix secret sync race
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-17 10:09:01 -08:00
Brad Davidson 6c544a4679 Add jitter to client config retry
Also:
* Replaces labeled for/continue RETRY loops with wait helpers for improved readability
* Pulls secrets and nodes from cache for node password verification
* Migrate nodepassword tests to wrangler mocks for better code reuse

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-16 09:53:28 -08:00
Brad Davidson 32a1efa408 Bump kine to fix multiple issues
Ref: https://github.com/k3s-io/kine/releases/tag/v0.11.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-14 15:50:56 -08:00
Johnatas 6aef26e94b
Update to v1.28.3 (#8682) 2023-10-19 16:54:48 -07:00
Sean Yen 0c9bf36fe0
[K3s][Windows Port] Build script, multi-call binary, and Flannel (#7259)
* initial windows port.

Signed-off-by: Sean Yen <seanyen@microsoft.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Wei Ran <weiran@microsoft.com>
2023-10-16 14:53:09 -04:00
Brad Davidson 3abc8b82ed Bump traefik, golang.org/x/net, google.golang.org/grpc
Fixes exposure to CVE-2023-39325

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-13 09:45:54 -07:00
Brad Davidson 5fe4f6709a Bump containerd to v1.7.7-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 14:46:26 -07:00
Roberto Bonafiglia ad206310d1 Update kube-router
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-09-27 10:41:48 +02:00