Commit Graph

3215 Commits (b8f101fd892b200054f61bd9f92401f92b1389a1)

Author SHA1 Message Date
Flavio Castelli 64e4f0e6e7 fix: use correct wasm shims names
Fix the wasm shim detection and the containerd configuration generation.

Prior to this commit, the binary and the `RuntimeType` values were not
correct.

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
2024-03-05 13:12:08 -08:00
Tal Yitzhak 2c4773a5aa
chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto (#9513)
Signed-off-by: Tal Yitzhak <taly@lightrun.com>
Co-authored-by: Tal Yitzhak <taly@lightrun.com>
2024-03-05 10:56:38 -08:00
Brad Davidson 091a5c8965 Don't register embedded registry address as an upstream registry
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
Brad Davidson b5a4846e9d Remove filtering of wildcard mirror entry
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
Brad Davidson 84a071a81e Add env var to allow spegel mirroring of `latest` tag
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
Philip Laine 26feb25c40 Bump spegel to v0.0.18-k3s4
Signed-off-by: Philip Laine <philip.laine@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
Brad Davidson 88d30f940d Use and version flannel/cni-plugin properly
Moves us closer to using the proper upstream for our flannel CNI plugin, instead of the snapshot that is vendored into our plugins fork.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 13:36:13 -08:00
Brad Davidson 0b3593205a Move snapshot-retention to EtcdSnapshotFlags in order to support loading from config
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 12:09:29 -08:00
Brad Davidson 3576ed4327 Clean up snapshotDir create/exists logic
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 12:09:29 -08:00
Brad Davidson b164d7a270 Fix additional corner cases in registries handling
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 11:59:33 -08:00
Derek Nola 29c73e6965
Fix setup-go typos (#9634)
* Fix setup-go typos

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-04 10:18:36 -08:00
Derek Nola 935ad1dbac
Move docker tests into tests folder (#9555)
* Move docker tests into tests folder
* Remove old test certs
* Update TESTING.md with docker test inf

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-04 09:15:40 -08:00
Derek Nola 138a107f4c
Reenable Install and Snapshotter Testing (#9601)
* Use regular ubuntu runners for install and snapshotter tests
* Workaround for vagrant box caching
* Update testing readme
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-04 09:11:04 -08:00
Brooks Newberry 81a60de256
update stable channel to v1.28.7+k3s1 (#9615) 2024-03-01 14:40:41 -08:00
Brad Davidson 109e3e454c Bump helm-controller/klipper-helm versions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 13:55:36 -08:00
Brad Davidson 82432a2df7 Fix issue with etcd node name missing hostname
* Set ServerNodeName in snapshot CLI setup
* Raise errer if ServerNodeName ends up empty some other way
* Fix status controller to use etcd node name annotation instead of prefix checking

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 13:52:53 -08:00
Brad Davidson 513c3416e7 Tweak netpol node wait logs
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 12:01:34 -08:00
Brad Davidson be569f65a9 Fix NodeHosts on dual-stack clusters
* Add both dual-stack addresses to the node hosts file
* Add hostname to hosts file as alias for node name to ensure consistent resolution

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 11:59:59 -08:00
Edgar Lee 8c83b5e0f3 Rootless mode also bind service nodePort to host for LoadBalancer type
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2024-03-01 10:43:19 -08:00
Derek Nola 3e948aa0d5
Correct formatting of GH PR sha256sum artifact (#9472)
* Conform to how the install script wants the sha256sum name
* Remove no-op sed for GH PR install

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-01 08:45:01 -08:00
Derek Nola 8f777d04f8
Better GitHub CI caching strategy for golang (#9495)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-01 08:41:09 -08:00
Manuel Buil 736fb2bc8d Add an integration test for flannel-backend=none
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-03-01 12:08:09 +01:00
Manuel Buil 3b4f13f28d Update klipper-lb image version
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-03-01 11:28:12 +01:00
Derek Nola fa37d03395
Update install test OS matrix (#9480)
* Remove old cgroupsv2 test
* Consolidate install test clauses into functions
* Unpin vagrant-k3s plugin version, run latest
* Add ubuntu-2204 as install test, remove ubuntu-focal
* Update nightly install matrix
* Move to Leap 15.5
* Consolidate vagrant box caching key to improve cache hits on all VM testing

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-29 15:41:56 -08:00
Derek Nola 922c5a6bed
Unit Testing Matrix and Actions bump (#9479)
cache is now on by default

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-29 15:41:05 -08:00
Derek Nola 57e11c72d1
Testing ADR (#9562)
* Update contributing with new links
* Testing ADR

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-29 15:36:11 -08:00
Brad Davidson 86f102134e Fix netpol startup when flannel is disabled
Don't break out of the poll loop if we can't get the node, RBAC might not be ready yet.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-26 14:58:48 -08:00
Brad Davidson fae0d99863 Use 3/2/1 cluster for split role test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-21 12:21:19 -08:00
Derek Nola f90fd7b744 Change default number of etcd nodes in E2E splitserver test
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-21 12:21:19 -08:00
Derek Nola fae41a8b2a Rename AgentReady to ContainerRuntimeReady for better clarity
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-21 12:21:19 -08:00
Derek Nola 91cc2feed2 Restore original order of agent startup functions
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-21 12:21:19 -08:00
Brooks Newberry 1c1746114c
remove e2e logs drone step (#9517)
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-02-16 06:32:55 -08:00
Derek Nola 085ccbb0ac
Fix drone publish for arm (#9503)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-15 16:53:10 -08:00
Brooks Newberry 3e13e3619c
Update Kubernetes to v1.29.2 (#9493)
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-02-15 12:48:20 -08:00
Brad Davidson de825845b2 Bump kine and set NotifyInterval to what the apiserver expects
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-09 14:22:38 -08:00
Edgar Lee 0ac4c6a056 Expose rootless containerd socket directories for external access
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2024-02-09 14:22:03 -08:00
Edgar Lee 14c6c63b30 Expose rootless state dir under ~/.rancher/k3s/rootless
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2024-02-09 14:21:52 -08:00
Oleg Matskiv e3b237fc35 Don't verify the node password if the local host is not running an agent
Signed-off-by: Oleg Matskiv <oleg.matskiv@gmail.com>
2024-02-09 14:21:43 -08:00
Mikhail Vorobyov 701e7e45ce Fix iptables check when sbin isn't in user PATH
Signed-off-by: Mikhail Vorobyov <mikhail.vorobev@uni.lu>
2024-02-09 13:59:47 -08:00
Derek Nola fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA (#9340)
* Reorder copy order for caching
* Enable longer http timeout requests

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Setup reencrypt controller to run on all apiserver nodes
* Fix reencryption for disabling secrets encryption, reenable drone tests
2024-02-09 11:37:37 -08:00
Oliver Larsson cfc3a124ee
[Testing]: Test_UnitApplyContainerdQoSClassConfigFileIfPresent (Created) (#8945)
Problem:
Function not tested.

Solution:
Unit test added.

Signed-off-by: Oliver Larsson <larsson.e.oliver@gmail.com>
2024-02-09 11:28:06 -08:00
Roberto Bonafiglia cc04edf05f Update Kube-router to v2.0.1
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-02-09 20:14:51 +01:00
Harrison Affel a36cc736bc allow executors to define containerd and docker behavior
Signed-off-by: Harrison Affel <harrisonaffel@gmail.com>
2024-02-09 15:51:35 -03:00
Derek Nola b1323935dc
Add codcov secret for integration tests on Push (#9422)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-08 09:01:36 -08:00
Brad Davidson 753c00f30c Consistently handle component exit on shutdown
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-07 10:23:54 -08:00
Brad Davidson 9e076db724 Bump cri-dockerd
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-07 10:23:54 -08:00
Vitor Savian e9cec46a23 Runtimes refactor using exec.LookPath
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-02-07 15:06:16 -03:00
Vitor Savian f9ee66f4d8 Changed how lastHeartBeatTime works in the etcd condition
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-02-07 15:05:33 -03:00
Paulo Gomes 358c4d6aa9
build: Align drone base images (#8959)
Align the base images used in drone with the images used across the
ecosystem.

Signed-off-by: Paulo Gomes <paulo.gomes@suse.com>
2024-02-07 09:25:06 -08:00
Manuel Buil 950473e35f Bump flannel version
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-02-07 10:19:06 +01:00