jonarmani
7ca021ea89
Update README.md ( #10523 )
...
Half of 8 is 3, in a way.
Signed-off-by: jonarmani <3901100+jonarmani@users.noreply.github.com>
2024-10-02 09:50:45 -07:00
Derek Nola
cd02fdfa39
Bump to new wharfie version ( #10971 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-10-02 08:58:08 -07:00
Vitor Savian
1ff43bf07f
Add user path to runtimes search
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-10-02 09:52:11 -03:00
Derek Nola
ab89363e18
Fix trivy vex line ( #10970 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-10-01 15:06:49 -07:00
Guilherme Macedo
0553a1a1d9
Pass Rancher's VEX report to Trivy to remove known false-positives CVEs ( #10956 )
...
Signed-off-by: Guilherme Macedo <guilherme@gmacedo.com>
2024-10-01 17:20:35 -04:00
Brad Davidson
6c6d87d1b0
Bump traefik to chart 27.0.2 / appVersion v2.11.10
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-30 12:49:18 -07:00
github-actions[bot]
a809749edc
chore: Bump Trivy version ( #10924 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-30 12:40:13 -07:00
Derek Nola
2739f50d77
Trivy workflow: Checkout repo to use gh cli ( #10949 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-25 13:20:26 -07:00
Derek Nola
97e8486032
Fix trivy report download ( #10943 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-25 10:09:09 -07:00
Brad Davidson
cda31ebd67
Bump kine to v0.13.0
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-25 10:02:04 -07:00
Derek Nola
3a268acb78
Check k3s-io organization membership not team membership for trivy scans ( #10940 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 14:37:32 -07:00
Derek Nola
6731f4a70d
Fix getMembershipForUserInOrg call ( #10937 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 13:06:27 -07:00
Derek Nola
005711fad6
Breakup trivy scan and check comment author ( #10935 )
...
* Check comment author on trivy scan
* Breakup trivy workflow for better permission security
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-24 12:10:31 -07:00
Brad Davidson
ed14f7f863
Use static CNI bin dir
...
Maintain a separate dir for CNI binaries so that additional plugins can be installed in a predictable location that does not change every time k3s is upgraded.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-23 11:31:54 -07:00
Brooks Newberry
ea5add3c3b
update stable channel tov1.30.5+k3s1 ( #10921 )
2024-09-23 07:10:06 -07:00
Robert Silén
40eda6a823
Add MariaDB to E2E ( #10724 )
...
* add mariadb to Validate and Upgrade E2E tests
Signed-off-by: robertsilen <robert.silen@iki.fi>
Signed-off-by: Robert Silén <robert.silen@iki.fi>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2024-09-19 08:40:02 -07:00
Brooks Newberry
7d66fa7ffa
update kubernetes to v1.31.1-k3s3
...
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-09-18 10:47:29 -07:00
github-actions[bot]
e6d1cf1009
chore: Bump Trivy version ( #10899 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-17 10:03:23 -07:00
Manuel Buil
483d76b34a
Add int test for flannel-ipv6masq
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-09-17 12:00:33 +02:00
github-actions[bot]
13612ef376
chore: Bump Trivy version ( #10863 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-12 09:37:49 -07:00
Brad Davidson
d6c20b7452
Fix hosts.toml header var
...
Resolves issue from 270f85e468
that prevented old hosts.toml files from being cleaned up.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-10 14:59:41 -07:00
Derek Nola
61c7011cab
Give good report if no CVEs found in trivy ( #10853 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-06 14:58:26 -07:00
Arne Winter
c4c11e51f1
add node-internal-dns/node-external-dns address pass-through support ( #10852 )
...
* add --node-internal-dns and --node-external-dns
Signed-off-by: Arne Winter <github@arnewinter.dev>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2024-09-06 14:15:19 -07:00
Derek Nola
216c3671b7
Remove otelgrpc pinned dependency ( #10799 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-06 10:56:55 -07:00
Brad Davidson
270f85e468
Only clean up containerd hosts dirs managed by k3s
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 17:21:55 -07:00
Brad Davidson
378edb939d
Tag PR image build as latest before scanning
...
This is less effort than passing the tag across steps 🤷♂️
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 15:21:56 -07:00
Brad Davidson
662799feec
Bump helm-controller for skip-verify/plain-http and updated tolerations
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 15:21:42 -07:00
Brad Davidson
d746073bd0
Bump containerd to v1.7.21, runc to v1.1.14
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 11:03:31 -07:00
Brad Davidson
29e25a61e6
Add channel for v1.31
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-05 08:50:04 -07:00
Derek Nola
36282dc39b
Launch private registry with init so the container can be killed on cleanup ( #10822 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-04 16:22:24 -07:00
Brad Davidson
3d6e4a793a
Fix /trivy action running against target branch instead of PR branch
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-09-04 15:57:39 -07:00
github-actions[bot]
de4bb2e13c
chore: Update sonobuoy image versions ( #10792 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-04 14:00:09 -07:00
Roberto Bonafiglia
28ceeec489
Update CNI plugins version
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-09-04 15:40:46 +02:00
dependabot[bot]
dacc636cf4
Bump aquasecurity/trivy-action from 0.20.0 to 0.24.0 ( #10795 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.20.0 to 0.24.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.20.0...0.24.0 )
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-03 09:14:54 -07:00
Derek Nola
254c16fdd5
Cover edge case when on new minor release for E2E upgrade test ( #10781 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-09-03 09:13:34 -07:00
Derek Nola
fa6940d03d
Add trivy scanning trigger for PRs ( #10758 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-30 09:00:50 -07:00
Harsimran Singh Maan
0b4d2497e5
Update coredns to 1.11.3 and metrics-server to 0.7.2
...
Used https://github.com/coredns/corefile-migration to
migrate the corefile. There are no changes for the
default file from 1.10.1 to 1.11.3.
Notable plugin changes include the k8s_external with fallthrough option
and rewrite with cname_target option.
These changes are not part of the default config that ships
with k3s. Customers using these two plugins can start using the new options
Metrics does not have any new features other than build tooling updates.
Requires https://github.com/rancher/image-mirror/pull/704
Signed-off-by: Harsimran Singh Maan <maan.harry@gmail.com>
2024-08-29 15:00:45 -07:00
Brad Davidson
bd45aa5c45
Bump traefik to v2.11.8
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-08-29 14:02:58 -07:00
Hussein Galal
9a69ecd58c
Update kubernetes to v1.31.0-k3s3 ( #10764 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2024-08-29 23:56:56 +03:00
Derek Nola
85e02e10d7
Remove secrets encryption controller ( #10612 )
...
* Remove secrets encryption controller
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-26 08:31:49 -07:00
Derek Nola
fc2eb49e38
Fix deploy latest commit on E2E tests ( #10725 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-26 08:22:42 -07:00
Brooks Newberry
54e3b44147
update stable channel to v1.30.4+k3s1 ( #10739 )
...
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-08-22 18:41:54 -07:00
Brad Davidson
69910340a3
Bump runc to v1.1.13
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-08-22 15:46:28 -07:00
Brad Davidson
fe3324cb84
Fix rotateca validation failures when not touching default self-signed CAs
...
Also silences warnings about bootstrap fields that are not intended to be handled by CA rotation
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-08-22 14:47:40 -07:00
Derek Nola
c7468edbe7
Bump go dependencies to match upstream 1.31
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-22 14:23:34 -07:00
Derek Nola
ebbb109840
Update VERSION_K8S to handle any k3s revision
...
Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-22 14:23:34 -07:00
Derek Nola
f5c6472b16
Bump Kine to v0.12.0
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-22 14:23:34 -07:00
Derek Nola
d358a89171
Fix secrets-encrypt metrics
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-08-22 14:23:34 -07:00
galal-hussein
178aadbe20
Add k3s-io/kubernetes tags
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2024-08-22 14:23:34 -07:00
galal-hussein
5087240e32
Downgrade Microsoft/hcsshim to v0.8.26
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2024-08-22 14:23:34 -07:00