Commit Graph

3413 Commits (b5e2fa77a6d1902a1c6ef8a16cdc4d37e5a35be5)

Author SHA1 Message Date
manuelbuil e475ba70b8 Add e2e test for advanced fields in services
Signed-off-by: manuelbuil <mbuil@suse.com>
2024-10-09 12:32:27 +02:00
Brad Davidson c6392c9ffc Fix issue that caused passwd file and psk to be regenerated when rotating CA certs
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-08 17:03:31 -07:00
Brad Davidson b1a42e5d43 Add ca-cert rotation integration test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-08 17:03:31 -07:00
github-actions[bot] e9c529530c
chore: Bump Trivy version (#10996)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-10-07 13:38:24 -07:00
Brad Davidson 0826ebc142 Fix race condition when multiple nodes reconcile S3 snapshots
Don't delete s3 etcdsnapshotfiles if they are missing from s3 but less than a minute old, its possible the other node just finished uploading it and the object key has not yet become visible.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-07 11:11:58 -07:00
Ludo Stellingwerff 38d13e03d9
Allow additional Rootless CopyUpDirs through K3S_ROOTLESS_COPYUPDIRS env variable (#10386)
Signed-off-by: Ludo Stellingwerff <ludo.stellingwerff@gmail.com>
2024-10-07 09:38:11 -07:00
Brad Davidson 0942e6a0c5 Fix sqlite endpoint when migrating from sqlite to etcd
Support for 'sqlite' as the endpoint was removed in
https://github.com/k3s-io/kine/pull/320 and the constant removed in
https://github.com/k3s-io/kine/pull/325

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-03 10:54:03 -07:00
Brad Davidson c9e7b05971 Bump kine
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-03 10:54:03 -07:00
Papiris f288ccea7e
Remove trailing whitespace (#9362)
* Remove trailing whitespace from install.sh

Signed-off-by: Papiris <contributions@ingeniorskap.no>

* Update install.sh.sha256sum

Signed-off-by: Papiris <contributions@ingeniorskap.no>

---------

Signed-off-by: Papiris <contributions@ingeniorskap.no>
2024-10-02 09:51:11 -07:00
jonarmani 7ca021ea89
Update README.md (#10523)
Half of 8 is 3, in a way.

Signed-off-by: jonarmani <3901100+jonarmani@users.noreply.github.com>
2024-10-02 09:50:45 -07:00
Derek Nola cd02fdfa39
Bump to new wharfie version (#10971)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-10-02 08:58:08 -07:00
Vitor Savian 1ff43bf07f Add user path to runtimes search
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-10-02 09:52:11 -03:00
Derek Nola ab89363e18
Fix trivy vex line (#10970)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-10-01 15:06:49 -07:00
Guilherme Macedo 0553a1a1d9
Pass Rancher's VEX report to Trivy to remove known false-positives CVEs (#10956)
Signed-off-by: Guilherme Macedo <guilherme@gmacedo.com>
2024-10-01 17:20:35 -04:00
Brad Davidson 6c6d87d1b0 Bump traefik to chart 27.0.2 / appVersion v2.11.10
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-30 12:49:18 -07:00
github-actions[bot] a809749edc
chore: Bump Trivy version (#10924)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-30 12:40:13 -07:00
Derek Nola 2739f50d77
Trivy workflow: Checkout repo to use gh cli (#10949)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-25 13:20:26 -07:00
Derek Nola 97e8486032
Fix trivy report download (#10943)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-25 10:09:09 -07:00
Brad Davidson cda31ebd67 Bump kine to v0.13.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-25 10:02:04 -07:00
Derek Nola 3a268acb78
Check k3s-io organization membership not team membership for trivy scans (#10940)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 14:37:32 -07:00
Derek Nola 6731f4a70d
Fix getMembershipForUserInOrg call (#10937)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 13:06:27 -07:00
Derek Nola 005711fad6
Breakup trivy scan and check comment author (#10935)
* Check comment author on trivy scan
* Breakup trivy workflow for better permission security

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 12:10:31 -07:00
Brad Davidson ed14f7f863 Use static CNI bin dir
Maintain a separate dir for CNI binaries so that additional plugins can be installed in a predictable location that does not change every time k3s is upgraded.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-23 11:31:54 -07:00
Brooks Newberry ea5add3c3b
update stable channel tov1.30.5+k3s1 (#10921) 2024-09-23 07:10:06 -07:00
Robert Silén 40eda6a823
Add MariaDB to E2E (#10724)
* add mariadb to Validate and Upgrade E2E tests

Signed-off-by: robertsilen <robert.silen@iki.fi>
Signed-off-by: Robert Silén <robert.silen@iki.fi>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2024-09-19 08:40:02 -07:00
Brooks Newberry 7d66fa7ffa update kubernetes to v1.31.1-k3s3
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-09-18 10:47:29 -07:00
github-actions[bot] e6d1cf1009
chore: Bump Trivy version (#10899)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-17 10:03:23 -07:00
Manuel Buil 483d76b34a Add int test for flannel-ipv6masq
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-09-17 12:00:33 +02:00
github-actions[bot] 13612ef376
chore: Bump Trivy version (#10863)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-12 09:37:49 -07:00
Brad Davidson d6c20b7452 Fix hosts.toml header var
Resolves issue from 270f85e468 that prevented old hosts.toml files from being cleaned up.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-10 14:59:41 -07:00
Derek Nola 61c7011cab
Give good report if no CVEs found in trivy (#10853)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-06 14:58:26 -07:00
Arne Winter c4c11e51f1
add node-internal-dns/node-external-dns address pass-through support (#10852)
* add --node-internal-dns and --node-external-dns

Signed-off-by: Arne Winter <github@arnewinter.dev>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2024-09-06 14:15:19 -07:00
Derek Nola 216c3671b7
Remove otelgrpc pinned dependency (#10799)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-06 10:56:55 -07:00
Brad Davidson 270f85e468 Only clean up containerd hosts dirs managed by k3s
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 17:21:55 -07:00
Brad Davidson 378edb939d Tag PR image build as latest before scanning
This is less effort than passing the tag across steps 🤷‍♂️

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 15:21:56 -07:00
Brad Davidson 662799feec Bump helm-controller for skip-verify/plain-http and updated tolerations
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 15:21:42 -07:00
Brad Davidson d746073bd0 Bump containerd to v1.7.21, runc to v1.1.14
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 11:03:31 -07:00
Brad Davidson 29e25a61e6 Add channel for v1.31
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 08:50:04 -07:00
Derek Nola 36282dc39b
Launch private registry with init so the container can be killed on cleanup (#10822)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-04 16:22:24 -07:00
Brad Davidson 3d6e4a793a Fix /trivy action running against target branch instead of PR branch
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-04 15:57:39 -07:00
github-actions[bot] de4bb2e13c
chore: Update sonobuoy image versions (#10792)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-04 14:00:09 -07:00
Roberto Bonafiglia 28ceeec489 Update CNI plugins version
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-09-04 15:40:46 +02:00
dependabot[bot] dacc636cf4
Bump aquasecurity/trivy-action from 0.20.0 to 0.24.0 (#10795)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.20.0 to 0.24.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.20.0...0.24.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-03 09:14:54 -07:00
Derek Nola 254c16fdd5
Cover edge case when on new minor release for E2E upgrade test (#10781)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-03 09:13:34 -07:00
Derek Nola fa6940d03d
Add trivy scanning trigger for PRs (#10758)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-30 09:00:50 -07:00
Harsimran Singh Maan 0b4d2497e5 Update coredns to 1.11.3 and metrics-server to 0.7.2
Used https://github.com/coredns/corefile-migration to
migrate the corefile. There are no changes for the
default file from 1.10.1 to 1.11.3.

Notable plugin changes include the k8s_external with fallthrough option
and rewrite with cname_target option.

These changes are not part of the default config that ships
with k3s. Customers using these two plugins can start using the new options

Metrics does not have any new features other than build tooling updates.

Requires https://github.com/rancher/image-mirror/pull/704

Signed-off-by: Harsimran Singh Maan <maan.harry@gmail.com>
2024-08-29 15:00:45 -07:00
Brad Davidson bd45aa5c45 Bump traefik to v2.11.8
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-08-29 14:02:58 -07:00
Hussein Galal 9a69ecd58c
Update kubernetes to v1.31.0-k3s3 (#10764)
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2024-08-29 23:56:56 +03:00
Derek Nola 85e02e10d7
Remove secrets encryption controller (#10612)
* Remove secrets encryption controller

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-26 08:31:49 -07:00
Derek Nola fc2eb49e38
Fix deploy latest commit on E2E tests (#10725)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-26 08:22:42 -07:00