Commit Graph

3267 Commits (984151745723c9aad95161fdd7cd466d8bc219d6)

Author SHA1 Message Date
Brad Davidson 0919ec6755 Ensure cluster-signing CA files contain only a single CA cert
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-06 15:09:31 -08:00
Brad Davidson 1ec242d816 Add example certificate generation script
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-06 15:09:31 -08:00
Felix Niederwanger 7e59376bb9
Fix check for (open)SUSE version (#6791)
Fix the check, if we're running SUSE or openSUSE in the installer
script.

Signed-off-by: phoenix <felix.niederwanger@suse.com>
2023-02-06 11:27:12 -08:00
Paulo Gomes ee007bc7cf
Bump deps: trivy, sonobuoy, dapper (#6807)
- trivy v0.36.1
- sonobuoy v0.56.14
- golangci-lint v1.50.1
- gopls v0.11.0
- dapper v0.6.0
- golang v1.19.5

Signed-off-by: Paulo Gomes <paulo.gomes@suse.com>
2023-02-06 11:25:24 -08:00
Robert Schweikert bb353f5d2b
Fix reference to documentation (#6860)
The documentation is no longer part of the Rancher project but can be found in
k3s-io/docs. Fix the wording an link in the contribution docs to point the
potential contributor to the proper location

Signed-off-by: Robert Schweikert <rjschwei@suse.com>
2023-02-06 11:16:14 -08:00
Derek Nola 7cad3db251
E2E: Consoldiate docker and prefer bundled tests into new startup test (#6851)
* Convert docker E2E to startup E2E
* Move preferedbundled into the e2e startup test

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-02-06 10:39:46 -08:00
Derek Nola 32086717fc
Ensure flag type consistency (#6852)
* Convert all flags to pointers for consistency

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 12:57:48 -08:00
Derek Nola 750cff561d
Bump vagrant boxes to fedora37 (#6832)
* Bump to generic/fedora37
* fix epic permissions
* Disable sonobuoy on rootless

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-30 13:14:29 -08:00
Akos Elek 9fcc7c0db8
Fix cronjob example (#6707)
Related PR:
https://github.com/rancher/rke2-docs/pull/38

Signed-off-by: Akos Elek <akose73@tazerve.hu>
2023-01-30 10:52:22 -08:00
Derek Nola 0d4caf4e24
Wait for cri-dockerd socket (#6812)
* Wait for cri-dockerd socket
* Consolidate cri utility functions

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-27 13:16:59 -08:00
Brad Davidson 1c6fde9a52 go generate
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-27 12:09:18 -08:00
Brad Davidson 369b81b45e Honor Service ExternalTrafficPolicy
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-27 12:09:18 -08:00
Brad Davidson 94d1a87509 Bump wrangler version for EndpointSlice support
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-27 12:09:18 -08:00
Derek Nola 86e36225f5
Consolidate E2E tests and GH Actions (#6772)
* Consolidate cluster reset and snapshot E2E tests
* Add more context to secrets-encryption test
* Reuse build workflow
* Convert updatecli to job level permissions
* Remove dweomer microos from E2E and install testing

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-27 09:01:13 -08:00
Hrittik Roy 808c71a63e
Add Ayedo (#6801)
Signed-off-by: Hrittik Roy <67012359+hrittikhere@users.noreply.github.com>
2023-01-27 11:37:44 -05:00
Derek Nola 75f77ab951
E2E Rancher and Hardened script improvements (#6778)
* Improve test-pad rancher script

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Improve hardened script and added kube-bench utility script

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Apply same audits for 1.22 and older

Signed-off-by: Derek Nola <derek.nola@suse.com>

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-26 18:17:33 -08:00
Brooks Newberry f0655f153e
update stable channel to v1.25.6+k3s1 (#6828) 2023-01-26 18:09:46 -08:00
Brad Davidson 3cb6fa5cc7 Set cri-dockerd version at build time
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-26 14:32:28 -08:00
Brad Davidson f72649d1bd Bump cri-dockerd
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-26 14:32:28 -08:00
Brad Davidson 89f7062431 Add build tag to disable cri-dockerd
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-26 14:29:18 -08:00
Brooks Newberry f10af367c3
Update to v1.26.1-k3s1 (#6774) 2023-01-19 07:56:32 -08:00
Brooks Newberry f19892c2d2
drone correct plugins/docker tag supporting linux/arm (#6769) 2023-01-18 12:38:51 -08:00
Derek Nola 291f8bfe00
Slow dependency CI to weekly (#6764)
* Add labels to updatecli PRs
* Run weekly

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-18 09:39:46 -08:00
ShylajaDevadiga 2007cdd54f
generate report and upload test results (#6737)
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>

Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
Co-authored-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
2023-01-18 09:34:52 -08:00
Derek Nola 7bbcac92fd
Bump download action to v3 (#6746)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-17 11:04:34 -08:00
Nikolai Shields d71ab6317e
Update stable to 1.25.5+k3s2 (#6753) 2023-01-14 12:12:51 -06:00
Brad Davidson f54b5e4fa0 Fix CI tests
* General cleanup of test-helpers functions to address CI failures
* Install awscli in test image
* Log containerd output to file even when running with --debug

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-13 17:22:25 -08:00
Silvio Moioli 23c1040adb
Bugfix: do not break cert-manager when pprof is enabled (#6635)
Signed-off-by: Silvio Moioli <silvio@moioli.net>
2023-01-13 16:09:14 -08:00
github-actions[bot] a4549cf989
chore: Bump golang:alpine version (#6683)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-01-12 18:58:04 -05:00
Brad Davidson 8340b54309 Pass through default tls-cipher-suites
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-12 14:51:04 -08:00
Derek Nola cc3583399a
Add explicit permissions to workflows (#6700)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-12 13:57:57 -08:00
dependabot[bot] d85952d6a0
Bump ubuntu from 20.04 to 22.04 in /tests/e2e/scripts (#6686)
Bumps ubuntu from 20.04 to 22.04.

---
updated-dependencies:
- dependency-name: ubuntu
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-12 13:57:28 -08:00
Derek Nola 674a05478f
Containerd restart testlet (#6696)
* Add containerd testlet to startup integration
* Fix all log dumps
* Stop server gracefully

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-12 13:43:31 -08:00
Brad Davidson d78e490716 Bump containerd to v1.6.15-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-12 11:50:43 -08:00
dependabot[bot] e53500f37f
Bump alpine from 3.16 to 3.17 in /conformance (#6687)
Bumps alpine from 3.16 to 3.17.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-12 14:32:14 -05:00
dependabot[bot] c7151e8b61
Bump alpine from 3.16 to 3.17 in /package (#6688)
Bumps alpine from 3.16 to 3.17.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-12 14:31:56 -05:00
Chris Wayne 3cafc8e6dd
RIP Codespell (#6701)
* RIP Codespell

Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2023-01-11 16:23:29 -08:00
ShylajaDevadiga fd8481a29d
Adjust e2e test run script and fixes (#6718)
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
2023-01-11 16:09:45 -08:00
Brad Davidson a298bfdb18 Add jitter to scheduled snapshots and retry harder on conflicts
Also ensure that the snapshot job does not attempt to trigger multiple concurrent runs, as this is not supported.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-11 14:32:03 -08:00
Brad Davidson f0ec6a4c12 Exclude December r1 releases from channel server
Stop offering installs of these releases due to the critical containerd regression.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-06 13:34:38 -08:00
Brad Davidson bc6bebc998 Bump containerd to v1.6.14-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-04 12:53:07 -08:00
Guilherme Macedo 454440f9a3
Add Dependabot config for security ADR (#6560)
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-01-03 14:01:57 -05:00
Alexey Vazhnov 870d9c32b0
Fix OpenRC init script error 'openrc-run.sh: source: not found' (#6614)
To avoid error message:

user@server ~ % /etc/init.d/k3s status
/lib/rc/sh/openrc-run.sh: 28: /etc/init.d/k3s: source: not found
/lib/rc/sh/openrc-run.sh: 29: /etc/init.d/k3s: source: not found
 * status: stopped

I've replaced `source` with `sourcex`, defined in https://github.com/OpenRC/openrc/blob/master/sh/openrc-run.sh.in#L30
Classic shell `.` also works.
Tested in Devuan 5 Daedalus (based on Debian 12 bookworm / testing), package `openrc` version 0.45.2-2.

Signed-off-by: Alexey Vazhnov <vazhnov@boot-keys.org>
2023-01-03 14:00:22 -05:00
Guilherme Macedo 97f162291a
Change Updatecli GH action reference branch (#6682)
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-01-03 13:26:14 -05:00
Nikolai Shields beafd9eaff
Update stable to v1.25.5 (#6618) 2023-01-03 12:03:58 -06:00
Guilherme Macedo 8f28de259c
Add initial Updatecli ADR automation (#6583)
* Add initial Updatecli ADR automation

Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-01-03 12:56:08 -05:00
Chris Wayne 9e97a3b4aa
Current status badges (#6653)
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2022-12-28 19:18:51 -05:00
Brad Davidson fae8817655 Bump k3s-root version to v0.12.1
Adds support for loading compressed kernel modules

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-13 16:54:43 -08:00
Brad Davidson 0c9b43746b Preload iptable_filter/ip6table_filter
ServiceLB now requires this module, but it will not get autoloaded by the kubelet if the host is using nftables.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-13 12:51:00 -08:00
Hussein Galal f8b661d590
Update to v1.26.0-k3s1 (#6370)
* Update to v1.26.0-alpha.2

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go generate

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Default CURRENT_VERSION to VERSION_TAG for alpha versions

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove containerd package

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update k8s to v1.26.0-rc.0-k3s1 cri-tools cri-dockerd and cadvisor

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* replace cri-api reference to the new api

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix version script to allow rc and alphas

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix version script to allow rc and alphas

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix version script to allow rc and alphas

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update to Kubernetes 1.26.0-rc.1

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Undo helm-controller pin

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Bump containerd to -k3s2 for stargz fix

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* DevicePlugins featuregate is locked to on

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Bump kine for DeleteRange fix

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Update to v1.26.0-k3s1

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Bring back snapshotter checks and update golang to 1.19.4

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix windows containerd snapshotter checks

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-10 01:42:15 +02:00