6f331ea7b5
Include flannel version in flannel cni plugin version
...
We were misreporting the flannel version as the flannel cni plugin version; restore the actual flannel version as build metadata
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-06 09:46:48 -08:00
d37d7a40da
Bump Trivy version ( #9528 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-03-06 08:52:55 -08:00
88c431aea5
Adjust first node-ip based on configured clusterCIDR
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-03-06 11:10:41 +01:00
1fe0371e95
Improve tailscale e2e test
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-03-06 08:26:36 +01:00
82cfacb2f3
Update contrib/util/check-config.sh
...
Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: Rishikesh Nair <42700059+rishinair11@users.noreply.github.com>
2024-03-05 15:10:36 -08:00
ce0765c9f8
Rename `RAW_OUTPUT` -> `NO_COLOR`
...
Also, if NO_COLOR is empty, output will be colored, otherwise not colored.
Signed-off-by: Rishikesh Nair <alienware505@gmail.com>
2024-03-05 15:10:36 -08:00
ff7cfa2235
Disable color outputs using RAW_OUTPUT env var
...
Setting this environment variable will not wrap the text in color ANSI code, so that we can print a raw output.
Signed-off-by: Rishikesh Nair <alienware505@gmail.com>
2024-03-05 15:10:36 -08:00
59c724f7a6
Fix wildcard with embbeded registry test
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-05 14:38:36 -08:00
f82d438f39
e2e tests: cover WebAssembly integration
...
Add a e2e test that runs some demo WebAssembly applications
using the dedicated containerd shims.
Note: this is not an integration test because we need to install some
binaries (the special containerd shims) on the host.
Signed-off-by: Flavio Castelli <fcastelli@suse.com>
2024-03-05 13:12:08 -08:00
64e4f0e6e7
fix: use correct wasm shims names
...
Fix the wasm shim detection and the containerd configuration generation.
Prior to this commit, the binary and the `RuntimeType` values were not
correct.
Signed-off-by: Flavio Castelli <fcastelli@suse.com>
2024-03-05 13:12:08 -08:00
2c4773a5aa
chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto ( #9513 )
...
Signed-off-by: Tal Yitzhak <taly@lightrun.com>
Co-authored-by: Tal Yitzhak <taly@lightrun.com>
2024-03-05 10:56:38 -08:00
091a5c8965
Don't register embedded registry address as an upstream registry
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
b5a4846e9d
Remove filtering of wildcard mirror entry
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
84a071a81e
Add env var to allow spegel mirroring of `latest` tag
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
26feb25c40
Bump spegel to v0.0.18-k3s4
...
Signed-off-by: Philip Laine <philip.laine@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 15:11:26 -08:00
88d30f940d
Use and version flannel/cni-plugin properly
...
Moves us closer to using the proper upstream for our flannel CNI plugin, instead of the snapshot that is vendored into our plugins fork.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 13:36:13 -08:00
0b3593205a
Move snapshot-retention to EtcdSnapshotFlags in order to support loading from config
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 12:09:29 -08:00
3576ed4327
Clean up snapshotDir create/exists logic
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 12:09:29 -08:00
b164d7a270
Fix additional corner cases in registries handling
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-04 11:59:33 -08:00
29c73e6965
Fix setup-go typos ( #9634 )
...
* Fix setup-go typos
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-04 10:18:36 -08:00
935ad1dbac
Move docker tests into tests folder ( #9555 )
...
* Move docker tests into tests folder
* Remove old test certs
* Update TESTING.md with docker test inf
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-04 09:15:40 -08:00
138a107f4c
Reenable Install and Snapshotter Testing ( #9601 )
...
* Use regular ubuntu runners for install and snapshotter tests
* Workaround for vagrant box caching
* Update testing readme
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-04 09:11:04 -08:00
81a60de256
update stable channel to v1.28.7+k3s1 ( #9615 )
2024-03-01 14:40:41 -08:00
109e3e454c
Bump helm-controller/klipper-helm versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 13:55:36 -08:00
82432a2df7
Fix issue with etcd node name missing hostname
...
* Set ServerNodeName in snapshot CLI setup
* Raise errer if ServerNodeName ends up empty some other way
* Fix status controller to use etcd node name annotation instead of prefix checking
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 13:52:53 -08:00
513c3416e7
Tweak netpol node wait logs
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 12:01:34 -08:00
be569f65a9
Fix NodeHosts on dual-stack clusters
...
* Add both dual-stack addresses to the node hosts file
* Add hostname to hosts file as alias for node name to ensure consistent resolution
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-01 11:59:59 -08:00
8c83b5e0f3
Rootless mode also bind service nodePort to host for LoadBalancer type
...
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2024-03-01 10:43:19 -08:00
3e948aa0d5
Correct formatting of GH PR sha256sum artifact ( #9472 )
...
* Conform to how the install script wants the sha256sum name
* Remove no-op sed for GH PR install
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-01 08:45:01 -08:00
8f777d04f8
Better GitHub CI caching strategy for golang ( #9495 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-01 08:41:09 -08:00
736fb2bc8d
Add an integration test for flannel-backend=none
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-03-01 12:08:09 +01:00
3b4f13f28d
Update klipper-lb image version
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-03-01 11:28:12 +01:00
fa37d03395
Update install test OS matrix ( #9480 )
...
* Remove old cgroupsv2 test
* Consolidate install test clauses into functions
* Unpin vagrant-k3s plugin version, run latest
* Add ubuntu-2204 as install test, remove ubuntu-focal
* Update nightly install matrix
* Move to Leap 15.5
* Consolidate vagrant box caching key to improve cache hits on all VM testing
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-29 15:41:56 -08:00
922c5a6bed
Unit Testing Matrix and Actions bump ( #9479 )
...
cache is now on by default
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-29 15:41:05 -08:00
57e11c72d1
Testing ADR ( #9562 )
...
* Update contributing with new links
* Testing ADR
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-29 15:36:11 -08:00
86f102134e
Fix netpol startup when flannel is disabled
...
Don't break out of the poll loop if we can't get the node, RBAC might not be ready yet.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-26 14:58:48 -08:00
fae0d99863
Use 3/2/1 cluster for split role test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-21 12:21:19 -08:00
f90fd7b744
Change default number of etcd nodes in E2E splitserver test
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-21 12:21:19 -08:00
fae41a8b2a
Rename AgentReady to ContainerRuntimeReady for better clarity
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-21 12:21:19 -08:00
91cc2feed2
Restore original order of agent startup functions
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-21 12:21:19 -08:00
1c1746114c
remove e2e logs drone step ( #9517 )
...
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-02-16 06:32:55 -08:00
085ccbb0ac
Fix drone publish for arm ( #9503 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-02-15 16:53:10 -08:00
3e13e3619c
Update Kubernetes to v1.29.2 ( #9493 )
...
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2024-02-15 12:48:20 -08:00
de825845b2
Bump kine and set NotifyInterval to what the apiserver expects
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-02-09 14:22:38 -08:00
0ac4c6a056
Expose rootless containerd socket directories for external access
...
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2024-02-09 14:22:03 -08:00
14c6c63b30
Expose rootless state dir under ~/.rancher/k3s/rootless
...
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2024-02-09 14:21:52 -08:00
e3b237fc35
Don't verify the node password if the local host is not running an agent
...
Signed-off-by: Oleg Matskiv <oleg.matskiv@gmail.com>
2024-02-09 14:21:43 -08:00
701e7e45ce
Fix iptables check when sbin isn't in user PATH
...
Signed-off-by: Mikhail Vorobyov <mikhail.vorobev@uni.lu>
2024-02-09 13:59:47 -08:00
fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA ( #9340 )
...
* Reorder copy order for caching
* Enable longer http timeout requests
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Setup reencrypt controller to run on all apiserver nodes
* Fix reencryption for disabling secrets encryption, reenable drone tests
2024-02-09 11:37:37 -08:00
cfc3a124ee
[Testing]: Test_UnitApplyContainerdQoSClassConfigFileIfPresent (Created) ( #8945 )
...
Problem:
Function not tested.
Solution:
Unit test added.
Signed-off-by: Oliver Larsson <larsson.e.oliver@gmail.com>
2024-02-09 11:28:06 -08:00
Brad Davidson