Commit Graph

191 Commits (bd45aa5c45977725e58840bd81fea2d41b4c176a)

Author SHA1 Message Date
Derek Nola 85e02e10d7
Remove secrets encryption controller (#10612)
3 months ago
Brad Davidson fe3324cb84 Fix rotateca validation failures when not touching default self-signed CAs
3 months ago
Will e4f3cc7b54 remove deprecated use of wait functions
4 months ago
Katherine Door 7a0ea3c953
Add write-kubeconfig-group flag to server (#9233)
6 months ago
Brad Davidson f8e0648304 Convert remaining http handlers over to use util.SendError
6 months ago
Brad Davidson 3d14092f76 Fix issue with k3s-etcd informers not starting
6 months ago
huangzy 6fcaad553d allow helm controller set owner reference
6 months ago
Brad Davidson 5a0162d8ee Drop check for legacy traefik v1 chart
6 months ago
Hussein Galal 144f5ad333
Kubernetes V1.30.0-k3s1 (#10063)
7 months ago
Brad Davidson 94e29e2ef5 Make /db/info available anonymously from localhost
7 months ago
Brad Davidson 08f1022663 Don't log 'apiserver disabled' error sent by etcd-only nodes
8 months ago
Brad Davidson fe465cc832 Move etcd snapshot management CLI to request/response
8 months ago
Derek Nola 14f54d0b26
Transition from deprecated pointer library to ptr (#9801)
8 months ago
Brad Davidson 7a2a2d075c Move error response generation code into util
8 months ago
Oleg Matskiv e3b237fc35 Don't verify the node password if the local host is not running an agent
10 months ago
Derek Nola fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA (#9340)
10 months ago
Brad Davidson c635818956 Bump runc and helm-controller versions
10 months ago
Aofei Sheng 8d2c40cdac
Use `ipFamilyPolicy: RequireDualStack` for dual-stack kube-dns (#8984)
11 months ago
Derek Nola aca1c2fd11
Add a retry around updating a secrets-encrypt node annotations (#9039)
11 months ago
Brad Davidson 6c544a4679 Add jitter to client config retry
1 year ago
Harsimran Singh Maan abc2efdd57
Disable helm CRD installation for disable-helm-controller (#8702)
1 year ago
Brad Davidson 7464007037 Store extra metadata and cluster ID for snapshots
1 year ago
Derek Nola dface01de8
Server Token Rotation (#8265)
1 year ago
Manuel Buil 0b23a478cf ipFamilyPolicy:PreferDualStack for coredns and metrics-server
1 year ago
Brad Davidson a3c52d60a5 Skip creating CRDs and setting up event recorder for CLI controller context
1 year ago
Derek Nola 2cb7023660 Use already imported semver, bump kine
1 year ago
Derek Nola f2d0c5409a Add check for support on cp nodes
1 year ago
Derek Nola 51f1a5a0ab Review comments and fixes
1 year ago
Derek Nola 42c2ac95e2 CLI + Backend for Secrets Encryption v3
1 year ago
Brad Davidson aa76942d0f Add FilterCN function to prevent SAN Stuffing
1 year ago
Derek Nola 0b18a65d4f
Revert "Warn that v1.28 will deprecate reencrypt/prepare (#7848)"
1 year ago
Derek Nola 8405813c12
Fix rootless node password (#7887)
1 year ago
Derek Nola 4ab01f3941
Warn that v1.28 will deprecate reencrypt/prepare (#7848)
1 year ago
Daishan Peng ce3443ddf6 Allow k3s to customize apiServerPort on helm-controller
1 year ago
Vitor Savian 0809187cff
Adding cli to custom klipper helm image (#7682)
1 year ago
Brad Davidson 5170bc5a04 Improve error response logging
2 years ago
Brad Davidson 45d8c1a1a2 Soft-fail on node password verification if the secret cannot be created
2 years ago
Derek Nola b0188f5a13
Test Coverage Reports for E2E tests (#7526)
2 years ago
Brad Davidson 64a5f58f1e Create new kubeconfig for supervisor use
2 years ago
Brad Davidson 8748813a61 Use distinct clients for supervisor, deploy, and helm controllers
2 years ago
Brad Davidson 8f450bafe1 Bump helm-controller version for repo auth/ca support
2 years ago
Brad Davidson 239021e759 Consistently use constant-time comparison of password hashes
2 years ago
Derek Nola c6dc789e25
Add support for `-cover` + integration test code coverage (#7415)
2 years ago
Brad Davidson f1b6a3549c Fix stack log on panic
2 years ago
Brad Davidson c44d33d29b Fix race condition in tunnel server startup
2 years ago
Brad Davidson ad41fb8c96 Create CRDs with schema
2 years ago
Brad Davidson 977a85559e Add support for cross-signing new certs during ca rotation
2 years ago
Brad Davidson 0c302f4341 Fix etcd member deletion
2 years ago
Brad Davidson 3d146d2f1b Allow for multiple sets of leader-elected controllers
2 years ago
Brad Davidson 87f9c4ab11 Ensure that node exists when using node auth
2 years ago