Commit Graph

3404 Commits (b93fd98a1c733b61ac515e07f4abcaf27d2f6b7f)

Author SHA1 Message Date
Derek Nola f2bde63eea
Kubernetes v1.27.1 (#7271)
* Bump go version to 1.20.3 to match upstream
* Bump cri-dockerd
* Bump golanci-lint
* go generate
* Bump selinux in cgroup test
* Bump to v1.27.1 tags
* Release documentation improvements
* Only run upgrade e2e test on PR

Signed-off-by: Derek Nola <derek.nola@suse.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-18 21:48:36 -07:00
github-actions[bot] 8d0255af07
Bump Trivy version (#7257)
* chore: Bump Trivy version

Made with ❤️️ by updatecli

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-04-18 09:48:27 -07:00
github-actions[bot] 779d5f3aa2
chore: Updated the content of the file "/tmp/updatecli/github/k3s-io/... (#7256)
... k3s/conformance/Dockerfile"
Updated the content of the file "/tmp/updatecli/github/k3s-io/k3s/Dockerfile.test"

Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-04-18 09:46:56 -07:00
github-actions[bot] 554ad87c8d
chore: Bump golang:alpine version (#7292)
Made with ❤️️ by updatecli

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-04-18 09:46:42 -07:00
Brian Downs 257fa2c54c
Update to v1.26.4-k3s1 (#7282) 2023-04-13 13:51:37 -07:00
Roberto Bonafiglia d9f40d4f5b Update install script to clean iptables rules before start
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-04-12 22:33:10 +02:00
Roberto Bonafiglia 0c683720ad Update kube-router to insert iptables rules right after kubernetes ones
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-04-12 22:33:10 +02:00
Hussein Galal 6b51ed478d
Fix call for k3s-selinux versions in airgapped environments (#7264)
* Fix call for k3s-selinux versions in airgapped environments

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* use timeout options in the donwloader

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* more fixes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* run verify_downloader in case binary was skipped

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-04-11 22:32:48 +02:00
Hussein Galal 027cc187ce
Add coreos and sle micro to selinux support (#6945)
* Add coreos and sle micro to selinux support

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add fix for rpm-ostree

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add uninstall for rpm-ostree (coreos)

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Don't start k3s on coreos

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Don't apply live

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Typo fix

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-04-06 23:44:07 +02:00
Hussein Galal 30638072c9
Update klipper lb to v0.4.2 (#7210)
* Update klipper lb to v0.4.2

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update klipper lb to v0.4.3

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update klipper lb to v0.4.3 in airgap list

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-04-06 19:02:00 +02:00
fmoral2 6c394abb32
Add make commands to terraform automation and fix external dbs related issue (#7159)
* test: add make commands and dependencies

Signed-off-by: Francisco <francisco.moral@suse.com>

* fix: fix issue on logic for using external dbs and dependencies

Signed-off-by: Francisco <francisco.moral@suse.com>

---------

Signed-off-by: Francisco <francisco.moral@suse.com>
2023-04-06 12:17:13 -03:00
Roberto Bonafiglia 3e3512bdae Updated kube-route version to move the iptables ACCEPT default rule at the end of the chain
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-04-06 09:55:34 +02:00
Brad Davidson d95980bba3 Lock bootstrap data with empty key to prevent conflicts
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-05 10:56:57 -07:00
dependabot[bot] 12091fc724 Bump actions/setup-go from 3 to 4
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-04 16:45:13 -07:00
Brad Davidson 2992477c4b Debounce kubernetes service endpoint updates
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-04 12:02:22 -07:00
Brad Davidson ece4d8e45c Fix tests to not hide failure location in dummp assert functions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-04 12:02:22 -07:00
Brad Davidson e54ceaa497 Fix issue with stale connections to removed LB server
Track LB connections through each server so that they can be closed when it is removed.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-04 12:02:22 -07:00
Brad Davidson 5dece799df Update remotedialer to silence errors when disconnecting
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-04 12:02:22 -07:00
Guilherme Macedo 4182dcaac8
[UpdateCLI] Improve Klipper Helm and Helm controller bumps (#7146)
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-04-04 13:43:12 -05:00
Hussein Galal 127cea1f3f
Upgrade helm-controller to v0.13.3 (#7209)
* Upgrade helm-controller to v0.13.3

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Upgrade klipper-helm image in the airgap list

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-04-04 20:20:40 +02:00
Derek Nola d2e04b826a
Don't apply hardened args to agent (#7089)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-04-04 09:35:28 -07:00
Brad Davidson d388b82d25 go generate
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 19:47:06 -07:00
Brad Davidson de80c07053 Ensure that loopback is used for the advertised address when resetting
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 19:47:06 -07:00
Brad Davidson b010db0cff Ensure that loopback is used for the advertised address when resetting
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 17:01:43 -07:00
Brad Davidson 877247a691 Bump runc to v1.1.5
Addresses GHSA-m8cg-xc2p-r3fc GHSA-vpvm-3wq2-2wvm GHSA-g2j6-57v7-gm8c

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 17:00:44 -07:00
Brad Davidson eb982bbbde Bump etcd to v3.5.7
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-03 17:00:30 -07:00
Brad Davidson cee3ddbc4a
Bump Local Path Provisioner version (#7167)
* chore: Bump Local Path Provisioner version
* go generate

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2023-04-03 16:00:16 -07:00
Guilherme Macedo ddd9665fed
Improve Trivy configuration (#7154)
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-04-03 14:09:21 -05:00
Guilherme Macedo fdf994dc35
[UpdateCLI] Improve workflow (#7142)
* Improve UpdateCLI workflow
* Update Go version to stable in workflow

Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-04-03 13:40:49 -05:00
Guilherme Macedo 37b3f4d25c
Run go generate in local-path-provisioner Updatecli pipeline (#7181)
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2023-04-03 09:30:56 -07:00
ShylajaDevadiga 8ec7d5e6b0
fix_get_sha_url (#7187)
Signed-off-by: ShylajaDevadiga <shylaja@rancher.com>
2023-03-31 13:26:29 -07:00
Derek Nola a99376663b
Drone Pipelines enhancement (#7169)
* Dont run most pipelines on nightly cron

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Don't run skipfiles on push to master for arch pipelines

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-31 09:06:16 -07:00
Brooks Newberry fb491f5ebf
Update stable channel to v1.26.3+k3s1 (#7161) 2023-03-29 15:49:08 -07:00
Derek Nola d13ee64403
Enhance `k3s check-config` (#7091)
* Move  CONFIG_CGROUP_PIDS to Required

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-29 09:55:08 -07:00
Roberto Bonafiglia 01ea3ff27b Update flannel to fix NAT issue with old iptables version
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-22 18:15:34 +01:00
Derek Nola c97370be6f
Clean E2E VMs before testing (#7109)
* Cleanup VMs proper

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-22 09:32:37 -07:00
Brooks Newberry 7c32f88fec
Pin golangci-lint version to v1.51.2 (#7113) 2023-03-20 09:59:43 -07:00
Brooks Newberry dc4a148725
Update to v1.26.3-k3s1 (#7108) 2023-03-20 05:18:37 -07:00
Derek Nola 561ec056c1
Drone: Cleanup E2E VMs on test panic (#7104)
* Cleanup leftover VMs in E2E pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-17 11:35:05 -07:00
Derek Nola 9980504196
Fix to Rotate CA e2e test (#7101)
* Include note on service keys

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix rotate cert ca test

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove periods

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add new test to nightly script

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-16 17:56:17 -07:00
Esteban Esquivel Alvarado 85b261096c
Add automation for Restart command for K3s (#7002)
Signed-off-by: est-suse <esteban.esquivel@suse.com>
2023-03-14 15:47:18 -07:00
Chris Wayne 19ac384929
Remove Nikolai from MAINTAINERS list (#7088)
Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2023-03-14 14:33:06 -04:00
Roberto Bonafiglia 7d2f997b3e Added multiClusterCIDR E2E test
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-14 18:30:52 +01:00
Roberto Bonafiglia 262cd7de0a Added IPv6 check and agent restart on e2e test utils
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-14 18:30:52 +01:00
Roberto Bonafiglia 15ee88964b Added multiClusterCidr feature
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-14 18:30:52 +01:00
Daniel Mills 822ee79eb8
Remove deprecated nodeSelector label beta.kubernetes.io/os (#6970)
* Remove deprecated nodeSelector label beta.kubernetes.io/os

Problem:
The nodeSelector label beta.kubernetes.io/os in the CoreDNS deployment was deprecated in 1.14 and will likely be removed soon

Solution:
Change the nodeSelector to remove the beta

Signed-off-by: Dan Mills <evilhamsterman@gmail.com>
2023-03-14 12:56:40 -04:00
Richard Steinmetz a912902aa7
Add missing kernel config checks (#6946)
Add additional kernel config checks for NETFILTER_XT_MATCH_COMMENT and
NETFILTER_XT_MATCH_MULTIPORT as they are both required to run k3s.

Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2023-03-14 12:55:38 -04:00
Matt Trachier 8503d0143c
skip all pipelines based on what is in the PR (#6996)
* add droneignore, make trivial change to README for testing, updating drone config to use droneignore to skip CI when files are all matched

Signed-off-by: matttrach <matttrach@gmail.com>
2023-03-14 12:49:44 -04:00
Brad Davidson 977a85559e Add support for cross-signing new certs during ca rotation
We need to send the full chain in order for cross-signing to work
properly during switchover to a new root.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-03-13 16:56:28 -07:00
Brad Davidson 68fcb48a35 Update/rename certs.sh; add default cert rotation script
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-03-13 16:56:28 -07:00