Commit Graph

3404 Commits (b93fd98a1c733b61ac515e07f4abcaf27d2f6b7f)

Author SHA1 Message Date
Derek Nola 4204248bc3
Check for bad token permissions when install via PR (#10387)
* Check for bad token permissions when install via PR

Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-07-09 08:36:56 -07:00
Derek Nola 8f9ad1f992
Move test-compat to GHA (#10414)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-07-09 08:36:41 -07:00
Brian Downs e9a5943900
update channel server for k3s2 (#10446) 2024-07-06 10:41:11 -07:00
Roberto Bonafiglia faeaf1b01b Update flannel to v0.25.4 and fixed issue with IPv6 mask
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-07-01 18:57:34 +02:00
Brooks Newberry a08ac6fcdc
update stable channel to v1.29.6+k3s1 (#10417)
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-06-27 17:47:46 -07:00
Brad Davidson aa4794b372 Replace 1-weight semaphore on snapshots with simple mutex
Fixes an issue where the semaphore wasn't permanently initialized
until a scheduled snapshot was taken, allowing multiple on-demand
snapshots to be taken until the first scheduled snapshot was triggered.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-06-19 09:47:58 -07:00
Brad Davidson b4d4ed8f01 Fix agent supervisor port using apiserver port instead
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-06-13 15:13:21 -07:00
Brooks Newberry 9af17d2997
Update Kubernetes to v1.30.2 (#10349)
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-06-13 09:09:52 -07:00
Harrison Affel f10cb29534 fix typo, use rancher/permissions
Signed-off-by: Harrison Affel <harrisonaffel@gmail.com>
2024-06-07 08:00:44 -07:00
Brad Davidson c0450a2cb4 Fix race condition panic in loadbalancer.nextServer
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-06-07 07:39:48 -07:00
Derek Nola cff6f7aa1d
Expand GHA go caching to includ newest release branch (#10307)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-06-06 14:51:08 -07:00
Vitor Savian d9b8ba8d71
Add snapshot retention etcd-s3-folder fix
* Add snapshot retention folder fix

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Add snapshot retention E2E test

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

---------

Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-06-06 17:31:01 -03:00
fmoral2 043b1eac5d
Add test for `isValidResolvConf` (#10302)
Signed-off-by: Francisco <francisco.moral@suse.com>
2024-06-06 17:02:31 -03:00
Brad Davidson df5db28a68
Add ADR for support for etcd s3 config secret (#9364)
* Add ADR for etcd s3 config secret
* Update ADR with changes from initial review

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-06-04 14:15:43 -07:00
Brad Davidson 1661f1024a Fix bug that caused agents to bypass local loadbalancer
If proxy.SetAPIServerPort was called multiple times, all calls after the
first one would cause the apiserver address to be set to the default
server address, bypassing the local load-balancer. This was most likely
to occur on RKE2, where the supervisor may be up for a period of time
before it is ready to manage node password secrets, causing the agent
to retry.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-06-04 11:18:45 -07:00
Koen de Laat 79ba10f5ec fix: Use actual warningPeriod in certmonitor
Signed-off-by: Koen de Laat <koen.de.laat@philips.com>
2024-06-03 11:20:15 -07:00
github-actions[bot] 1268779ea0
Bump Local Path Provisioner version (#10268)
* chore: Bump Local Path Provisioner version

Made with ❤️️ by updatecli
2024-06-03 11:19:23 -07:00
Brad Davidson f9130d537d Fix embedded mirror blocked by SAR RBAC and re-enable test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-31 08:33:18 -07:00
Katherine Door 7a0ea3c953
Add write-kubeconfig-group flag to server (#9233)
* Add write-kubeconfig-group flag to server
* update kubectl unable to read config message for kubeconfig mode/group

Signed-off-by: Katherine Pata <me@kitty.sh>
2024-05-30 23:45:34 -07:00
Brad Davidson 307f07bd61 Fix issue caused by sole server marked as failed under load
If health checks are failing for all servers, make a second pass through the server list with health-checks ignored before returning failure

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-30 11:47:23 -07:00
Brad Davidson ed23a2bb48 Fix netpol crash when node remains tained unintialized
It is concievable that users might take more than 60 seconds to deploy their own cloud-provider. Instead of exiting, we should wait forever, but with more logging to indicate what's being waited on.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 23:34:44 -07:00
github-actions[bot] f2e7c01acf chore: Bump Trivy version
Made with ❤️️ by updatecli
2024-05-28 20:12:36 -07:00
dependabot[bot] 4cb4542c3a Bump ubuntu from 22.04 to 24.04 in /tests/e2e/scripts
Bumps ubuntu from 22.04 to 24.04.

---
updated-dependencies:
- dependency-name: ubuntu
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-28 20:12:14 -07:00
Brad Davidson 84b578ec74 Use busybox tar to avoid issues with fchmodat2 on arm
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 20:11:46 -07:00
dependabot[bot] 86875c97bb Bump alpine from 3.18 to 3.20 in /package
Bumps alpine from 3.18 to 3.20.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-28 20:11:46 -07:00
dependabot[bot] de4cda57e6 Bump alpine from 3.18 to 3.20 in /conformance
Bumps alpine from 3.18 to 3.20.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-28 20:09:39 -07:00
Brad Davidson 2eca3f1e2c Update golangci-lint to stop using deprecated skip files/dirs
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 16:24:57 -07:00
Brad Davidson f8e0648304 Convert remaining http handlers over to use util.SendError
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 16:24:57 -07:00
Brad Davidson ff679fb3ab Refactor supervisor listener startup and add metrics
* Refactor agent supervisor listener startup and authn/authz to use upstream
  auth delegators to perform for SubjectAccessReview for access to
  metrics.
* Convert spegel and pprof handlers over to new structure.
* Promote bind-address to agent flag to allow setting supervisor bind
  address for both agent and server.
* Promote enable-pprof to agent flag to allow profiling agents. Access
  to the pprof endpoint now requires client cert auth, similar to the
  spegel registry api endpoint.
* Add prometheus metrics handler.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 16:24:57 -07:00
Brad Davidson 3d14092f76 Fix issue with k3s-etcd informers not starting
Start shared informer caches when k3s-etcd controller wins leader election. Previously, these were only started when the main k3s apiserver controller won an election. If the leaders ended up going to different nodes, some informers wouldn't be started

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 15:48:15 -07:00
Anuj Garg eb192197eb Updating the script binary_size_check to complete the command name by adding .exe extension to the k3s binary name to make it available to run stat command
Signed-off-by: Anuj Garg <anujgarg@microsoft.com>
2024-05-28 13:30:53 -07:00
Brad Davidson 6683fcdb65 Bump klipper-helm image for tls secret support
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 13:12:47 -07:00
Brian Downs c2738231ec
update channel server for may 2024 (#10137) 2024-05-28 08:55:41 -07:00
thomasferrandiz 6e6f7995e7
Merge pull request #10146 from thomasferrandiz/flannel-v0.25.2
Bump flannel version to v0.25.2
2024-05-28 09:17:47 +02:00
Manuel Buil 3f62ec3207 Add extra log in e2e tests
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-05-27 16:11:12 +02:00
Nikos Pitsillos 99f543a2d4 fix: use absolute path
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Nikos Pitsillos 86b2554772 test: copy vpn-auth-file to guest
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Nikos Pitsillos b8f101fd89 test: increment agentCount
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Nikos Pitsillos ab29054887 test: use absolute path to auth file
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Nikos Pitsillos a8f88aa9e5 test: add agent with auth file
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Thomas Ferrandiz 6dcd52eb8e Use TrafficManager interface when calling flannel
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2024-05-27 13:05:18 +00:00
Thomas Ferrandiz af7bcc3900 Bump flannel version to v0.25.2
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2024-05-27 13:05:18 +00:00
Brad Davidson aadec85501 Fix go.mod
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-24 13:04:16 -07:00
huangzy 6fcaad553d allow helm controller set owner reference
Signed-off-by: huangzy <huangzynn@outlook.com>
2024-05-24 12:44:10 -07:00
Robert Rose 6886c0977f Follow directory symlinks in auto deploying manifests (#9288)
Signed-off-by: Robert Rose <robert.rose@mailbox.org>
2024-05-24 12:42:25 -07:00
0xMALVEE 3e48386c6e git_workflow filename correction
Signed-off-by: 0xMALVEE <m.alvee8141@gmail.com>
2024-05-24 12:41:11 -07:00
zouxianyu c1cb5d63b9 add missing kernel config check
Signed-off-by: zouxianyu <2979121738@qq.com>
2024-05-24 12:40:25 -07:00
linxin f24ba9d3a9 Validate resolv.conf for presence of nameserver entries
Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: linxin <linxin@geedgenetworks.com>
2024-05-24 12:39:34 -07:00
Brad Davidson 2669d67a9b Bump kine to v0.11.9 to fix pagination
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-24 11:34:36 -07:00
Brad Davidson afdcc83afe bump minio-go to v7.0.70
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-24 10:29:17 -07:00