* Update to v1.23.17
* update workflows and dockerfiles to proper go version
* add changes to go.mod and go.sum from the go mod tidy command
------
Signed-off-by: matttrach <matttrach@gmail.com>
Turns out etcd-only nodes were never running **any** of the controllers,
so allowing multiple controllers didn't really fix things.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Allow bootstrapping with kubeadm bootstrap token strings or existing
Kubelet certs. This allows agents to join the cluster using kubeadm
bootstrap tokens, as created with the `k3s token create` command.
When the token expires or is deleted, agents can successfully restart by
authenticating with their kubelet certificate via node authentication.
If the token is gone and the node is deleted from the cluster, node auth
will fail and they will be prevented from rejoining the cluster until
provided with a valid token.
Servers still must be bootstrapped with the static cluster token, as
they will need to know it to decrypt the bootstrap data.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 992e64993d)
This command must be run on a server while the service is running. After this command completes, all the servers in the cluster should be restarted to load the new CA files.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 215fb157ff)
Prevents errors when starting with fail-closed webhooks
Also, use panic instead of Fatalf so that the CloudControllerManager rescue can handle the error
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Consolidate E2E tests and GH Actions (#6772)
* Consolidate cluster reset and snapshot E2E tests
* Add more context to secrets-encryption test
* Reuse build workflow
* Convert updatecli to job level permissions
* Remove dweomer microos from E2E and install testing
Signed-off-by: Derek Nola <derek.nola@suse.com>
* E2E: Consoldiate docker and prefer bundled tests into new startup test (#6851)
* Convert docker E2E to startup E2E
* Move preferedbundled into the e2e startup test
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
Also ensure that the snapshot job does not attempt to trigger multiple concurrent runs, as this is not supported.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* General cleanup of test-helpers functions to address CI failures
* Install awscli in test image
* Log containerd output to file even when running with --debug
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f54b5e4fa0)
Made with ❤️️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
(cherry picked from commit a4549cf989)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Backport PR 6131
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Add cluster reset test to nightly builds
* Add journalctl logs to E2E tests
* Expand nightly E2E tests (#6354)
* Add snapshot restore e2e test (#6396)
* Convert test output to JSON format (#6410)
* Fix E2E test for prefer-bundled-bin
* Fix external ip test
Signed-off-by: Shylaja Devadiga <shylaja@rancher.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
ServiceLB now requires this module, but it will not get autoloaded by the kubelet if the host is using nftables.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Matt Trachier