36084d55ba
Bump binary size limit to 70MB
...
Cherry-picked from ba62c79f9b
2023-05-11 14:53:55 -07:00
580e120685
Bump containerd/runc to v1.7.1-k3s1/v1.1.7
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-11 14:53:55 -07:00
8a2a111c86
Bump helm-controller version for repo auth/ca support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-10 15:02:29 -07:00
391b08309c
Bump cni plugins to v1.2.0-k3s1
...
Also add bandwidth and firewall plugins. The bandwidth plugin is
automatically registered with the appropriate capability, but the
firewall plugin must be configured by the user if they want to use it.
Ref: https://www.cni.dev/plugins/current/meta/firewall/
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit cedefeff24
2023-05-10 15:02:29 -07:00
1cfdb5a355
Bump traefik to v2.9.10
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 0bbc6ad3f0
2023-05-10 15:02:29 -07:00
fde755cc86
Bump k3s-root for aarch64 page size fix
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 9539147ee1
2023-05-10 15:02:29 -07:00
41bf3614a1
Bump runc, containerd, docker dependencies ( #7453 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-05-08 12:48:08 -07:00
8f27774e8b
[Release-1.24] Add E2E testing in Drone ( #7376 )
...
* Initial drone vagrant pipeline
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Build e2e test image
* Add ci flag to secretsencryption
* Fix vagrant log on secretsencryption
* Add cron conformance pipeline
* Add string output for nodes
* Switch snapshot restore for upgrade cluster
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Added IPv6 check and agent restart on e2e test utils
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
* Drone: Cleanup E2E VMs on test panic (#7104 )
* Cleanup leftover VMs in E2E pipeline
* Clean E2E VMs before testing (#7109 )
* Cleanup VMs proper
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Dont run most pipelines on nightly cron
* Improve RunCmdOnNode error
* Pin upgradecluster to v1.24
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
Co-authored-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-05-01 14:14:28 -07:00
a6bd15fb71
[release-1.24] Update klipper lb and helm-controller ( #7241 )
...
* Update klipper lb and helm-controller
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* update klipper helm image
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
---------
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-04-06 22:43:30 +02:00
b6a11bf2df
Ensure that loopback is used for the advertised address when resetting
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit de80c07053
2023-04-05 16:29:31 -07:00
c313b5b70c
Bump Local Path Provisioner version ( #7167 )
...
* chore: Bump Local Path Provisioner version
* go generate
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
(cherry picked from commit cee3ddbc4a
2023-04-05 16:29:31 -07:00
ca5746785c
Update/rename certs.sh; add default cert rotation script
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-03-13 20:08:26 -07:00
b2ae48984f
[Release-1.24] Bump various dependencies for CVEs ( #7042 )
...
* Match golang.org/x/net with flannel version
* Match golang.org/x/sys with containerd version
* Update wrangler to 1.1.1
* Update gax-go to v2.1.1
* Isolate E2E terraform dependencies
* Bump containerd
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-13 09:36:32 -07:00
7ab75db48a
Wait for server to become ready before creating token
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-10 09:34:10 -08:00
9f4a477c8c
Add CI test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit b43dd7746d
2023-02-10 09:34:10 -08:00
f4fc44ec4a
Add support for `k3s token` command
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 373df1c8b0
2023-02-10 09:34:10 -08:00
0d9825aaf7
Add basic test for custom CA certs
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 8a6404f97c
2023-02-10 09:34:10 -08:00
be26a6e618
Set cri-dockerd version at build time
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-26 14:43:47 -08:00
f7e375979f
Fix CI tests
...
* General cleanup of test-helpers functions to address CI failures
* Install awscli in test image
* Log containerd output to file even when running with --debug
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f54b5e4fa0
2023-01-18 09:17:39 -08:00
739be58a8b
Bump containerd to v1.6.15-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-13 22:15:59 -08:00
0d4e64f7bd
Bump containerd to v1.6.14-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-01-04 14:25:43 -08:00
4dcf0a33bc
Bump k3s-root version to v0.12.1
...
Adds support for loading compressed kernel modules
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-13 18:28:28 -08:00
339d4e36a5
Bump containerd to v1.6.12
...
Also bump containerd client module to v1.5.16-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-12-09 17:33:12 -08:00
d5ef9e1a12
Bump k3s-root and remove embedded strongswan support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2835368ecb
2022-12-02 00:20:37 -08:00
3edc59522b
Bump metrics-server to v0.6.2
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2a496d4fd3
2022-12-02 00:20:37 -08:00
cfa7be05cc
Bump klipper-helm and klipper-lb versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit a07bb555ba
2022-12-02 00:20:37 -08:00
f5f17727ff
Pull modified traefik charts from k3s-charts repo
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7964ada773
2022-12-02 00:20:37 -08:00
a829475086
Bump containerd to v1.6.10-k3s1
...
Also bump linked-in version of containerd module to v1.5.14-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 6462a31b96
2022-12-02 00:20:37 -08:00
f457794d8e
Add new `prefer-bundled-bin` experimental flag ( #6420 )
...
* initial prefer-bundled-bin ci change
* Add startup testlet
* Convert parsing to pflag library
* Fix code validation
* go mod tidy
Signed-off-by: Derek Nola <derek.nola@suse.com>
(cherry picked from commit 0f52088cd3
2022-12-02 00:20:37 -08:00
7c75acedd6
Fix artifact upload with `aws s3 cp`; update secret
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 953c7699b4
2022-11-28 15:22:25 -08:00
060adae6e0
Fix passing AWS creds through Dapper
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 16fa128e96
2022-11-28 15:22:25 -08:00
467a456c31
Switch from Google Buckets to AWS S3 Buckets ( #6497 )
...
* Add python pip pakacge to install aws cli
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Upload build artifacts to aws s3 instead of gcp bucket
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Upload logs to aws s3 instead of google buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Replace gcloud auth with aws credentials for artifact uploading to buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
* Replace usage of google bucket with aws s3 buckets
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
(cherry picked from commit 4e2e91e089
2022-11-28 15:22:25 -08:00
648004e4fa
Move traefik chart repo again ( #6509 )
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-15 21:33:52 +02:00
daa8601117
Pull traefik helm chart directly from GH
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-08 16:41:32 -08:00
4a7cbdb338
log kube-router version when starting netpol controller
...
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2022-11-04 11:00:48 +01:00
ddced04af2
Fix test-mods to allow for pinning version from k8s.io
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
5dca247d41
Bump coredns to v1.9.4
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
acba1ae494
Bump local-path-provisioner to v0.0.23
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
13b268ba6d
Fix sonobouy tests on v1.25
...
Use --disable instead of --no-deploy, and don't silently succeed if sonobouy never runs
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
0b19c2b76e
Replace deprecated k8s registry references.
...
Problem:
Previously all of Kubernetes' image hosting has been out of gcr.io. There were significant egress costs associated with this when images were pulled from entities outside gcp. Refer to https://github.com/kubernetes/k8s.io/wiki/New-Registry-url-for-Kubernetes-(registry.k8s.io)
Solution:
As highlighted at KubeCon NA 2022 k8s infra SIG update, the replacement for k8s.gcr.io which is registry.k8s.io is now ready for mainstream use and the old k8s.gcr.io has been formally deprecated. This commit migrates all references for k3s to registry.k8s.io.
Signed-off-by: James Blair <mail@jamesblair.net>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
71abdec649
Bump traefik to v2.9.4 / chart v18.3.0
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
a877ea59ec
Remove vagrant dev env ( #6395 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
4894770336
Disable optimizations and symbol stripping on debug builds ( #6147 )
...
Signed-off-by: Silvio Moioli <silvio@moioli.net>
Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
e3042d13fa
Add new tests to test list
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
cf156b57bd
Add upgrade test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
6883979367
Add hardened cluster test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
a803eecbde
Fix flakey traefik upgrade in etcd test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
4577f87ef1
Bump test framework versions and add hooks to helpers
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-11-03 20:54:07 -07:00
c1c7b95dc0
Fix flakey etcd test
...
Taint the first node so that the helm job doesn't run on it. In a real cluster the helm job would eventually succeed once all the servers were upgraded and had the new chart tarball.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-10-07 16:57:30 -07:00
6ed1e1423f
Fix helm job failure on multi-server tests
...
Replace ETCD-JOIN-STABLE-SECOND with ETCD-JOIN-LATEST-FIRST. We don't
support joining down-level servers to existing clusters, as the new
down-level server will try to deploy older versions of the packaged
manifests.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-10-07 16:57:30 -07:00
Brad Davidson