github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,922 Commits
33 Branches
860 Tags
624 MiB
Commit Graph

10 Commits (ba750e28b73ad7c69bc05e01fb30f87fa539762e)

Author SHA1 Message Date
Brad Davidson aa76942d0f Add FilterCN function to prevent SAN Stuffing 
Wire up a node watch to collect addresses of server nodes, to prevent adding unauthorized SANs to the dynamiclistener cert.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-08-02 11:15:39 -07:00
Derek Nola 7d49202721
Ignore value conflicts when reencrypting secrets (#6850) 
* Ignore conflict secrets

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-02-07 13:58:44 -08:00
Derek Nola 1c17f05b8e
Fix secrets reencryption for 8K+ secrets (#5936) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-08-02 14:08:06 -07:00
Derek Nola 3d425e5d20
Secrets Encryption: Add RetryOnConflict around updating nodes (#5495) 
* Add RetryOnConflict around updating nodes

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-04-22 16:32:10 -07:00
Brad Davidson e811689df9 Fix etcd-only secrets encryption rotation 
Improve feedback when running secrets-encrypt commands on etcd-only nodes, and
allow etcd-only nodes to properly restart when effecting rotation.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-03-25 10:40:58 -07:00
Brad Davidson d25ae8fbc2 Properly attach secrets-encrypt events to the node resource 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-03-23 16:01:21 -07:00
Brad Davidson 965d0a08ef Fix log spam due to servicelb event recorder namespace conflict 
Don't hardcode the event namespace when creating event recorders; some controllers want to create events in other namespaces.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-03-23 16:01:21 -07:00
Luther Monson 9a849b1bb7
[master] changing package to k3s-io (#4846) 
* changing package to k3s-io

Signed-off-by: Luther Monson <luther.monson@gmail.com>

Co-authored-by: Derek Nola <derek.nola@suse.com>
 2022-03-02 15:47:27 -08:00
Brad Davidson a1b800f0bf Remove unnecessary copies of etcdconfig struct 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-02-28 12:05:16 -08:00
Derek Nola bcb662926d
Secrets-encryption rotation (#4372) 
* Regular CLI framework for encrypt commands
* New secrets-encryption feature
* New integration test
* fixes for flaky integration test CI
* Fix to bootstrap on restart of existing nodes
* Consolidate event recorder

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2021-12-07 14:31:32 -08:00