e1a315189b
Allow k3s to customize apiServerPort on helm-controller ( #7873 )
...
Signed-off-by: Daishan Peng <daishan@acorn.io>
Co-authored-by: Daishan Peng <daishan@acorn.io>
2023-07-05 11:56:58 -07:00
7d3319908f
Merge pull request #7860 from manuelbuil/fixSpell125
...
[Release 1.25] Fix code spell check
2023-07-05 10:37:51 +02:00
17a611060e
Merge pull request #7856 from manuelbuil/removeFileWindows125
...
[Release 1.25] Remove file_windows.go
2023-07-05 10:37:14 +02:00
5a7f40dba3
Fix code spell check
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-04 15:53:34 +02:00
382fe9599f
Remove file_windows.go
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-04 12:47:05 +02:00
582f07cf3e
Missing backport for 1.25 ( #7818 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-22 17:04:44 -07:00
a0954e5d1e
Update Kubernetes to v1.25.11 ( #7788 )
...
Signed-off-by: Brooks Newberry <brooks@newberry.com>
2023-06-15 06:59:32 -07:00
873fc1c77c
Merge pull request #7784 from manuelbuil/tailscaleFixes125
...
[Release 1.25] Fix logging and cleanup in Tailscale
2023-06-14 21:41:10 +02:00
8626667494
Fix the error report
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-14 19:17:48 +02:00
3777310270
Add commands to logout from tailscale
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-14 19:17:44 +02:00
d8aac17d5f
add format command on Makefile and remove vendor
...
This commit adds the format command to make it easier to be compliant to golangci-lint issues
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-06-14 13:34:21 -03:00
4e1ba3a087
Merge pull request #7758 from manuelbuil/removeLibvirtLines125
...
[Release 1.25] Remove unused libvirt config
2023-06-13 17:47:18 +02:00
21a7f5c845
Fix validatecluster e2e test
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-13 15:52:09 +02:00
c65dd08fed
Bump helm-controller to v0.15.0 for create-namespace support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-06-12 10:53:26 -07:00
03e3324902
Enable containerd aufs/devmapper/zfs snapshotter plugins
...
These were unintentionally dropped when moving containerd back into the main multicall binary
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e5e1a674ce
2023-06-12 10:53:26 -07:00
a645d3caf2
Improve error response logging
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5170bc5a04
2023-06-12 10:53:26 -07:00
3596d1891b
Soft-fail on node password verification if the secret cannot be created
...
Allows nodes to join the cluster during a webhook outage. This also
enhances auditability by creating Kubernetes events for the deferred
verification.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 45d8c1a1a2
2023-06-12 10:53:26 -07:00
b36b0c4c88
Make LB image configurable when compiling k3s
...
It is no way we can configure the lb image because it is a const value.
It would be better that we make it variable value and we can override
the value like the `helm-controller` job image when compiling k3s/rke2
Signed-off-by: Yuxing Deng <jxfa0043379@hotmail.com>
(cherry picked from commit b64a226ebd
2023-06-12 10:53:26 -07:00
8ca3262878
chore: Bump golang:alpine version
...
Made with ❤️ ️ by updatecli
(cherry picked from commit a5928ee137
2023-06-12 10:53:26 -07:00
3e22bec190
Add ADR
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 612473755d
2023-06-12 10:53:26 -07:00
29bc03305a
Create new kubeconfig for supervisor use
...
Only actual admin actions should use the admin kubeconfig; everything done by the supervisor/deploy/helm controllers will now use a distinct account for audit purposes.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 64a5f58f1e
2023-06-12 10:53:26 -07:00
ac6966145c
Use distinct clients for supervisor, deploy, and helm controllers
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 8748813a61
2023-06-12 10:53:26 -07:00
17c534022e
Bump metrics-server to v0.6.3 and update tls-cipher-suites
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e9958cf070
2023-06-12 10:53:26 -07:00
2c542f411c
Bump klipper-lb to v0.4.4
...
Fixes issue with localhost access to ServiceLB when
ExternalTrafficPolicy=Local
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 93279d2f59
2023-06-12 10:53:26 -07:00
928e625529
allow coredns override extensions
...
Signed-off-by: Andrew Roffey <andrew@roffey.au>
(cherry picked from commit 0485a56f33
2023-06-12 10:53:26 -07:00
a74e56fd05
Merge pull request #7752 from manuelbuil/fixSpelling125
...
[Release 1.25] Fix spelling test
2023-06-12 18:21:21 +02:00
75bd429059
Remove unused libvirt config
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 18:19:19 +02:00
37ec02c0f5
Fix spelling check
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 15:44:46 +02:00
cb114a2d91
Merge pull request #7728 from manuelbuil/tailscale125
...
[Release 1.25] VPN integration
2023-06-12 10:20:30 +02:00
98333e8a22
VPN integration
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 09:22:06 +02:00
077fd8b9b6
[Release-1.25] Add private registry e2e test ( #7722 )
...
* add private registry e2e test (#7653 )
add private registry e2e test
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
* E2E: Startup test cleanup + RunCommand Enhancement (#7388 )
* Add beforesuite to startup
* Reduce timeouts for startup
* Fix cleanup + set kubeconfig
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-06-09 13:09:58 -07:00
f089761921
Remove unnecessary daemonset addition/deletion
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
eb63c3bf04
E2E: Use sudo for all RunCmdOnNode
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
ed6e7b1c2c
Add Rotation certification Check ( #7097 )
...
* Add Certification Test to Validate Cluster
Signed-off-by: est-suse <esteban.esquivel@suse.com>
* Fix to stop/start for k3s certificate rotation
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: est-suse <esteban.esquivel@suse.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: est-suse <esteban.esquivel@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
a7521dab8b
Fix for longhorn integration test
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
e1ae6f0940
Shortcircuit commands with version or help flags ( #7683 )
...
* Shortcircuit search with help and version flag
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Keep functions seperate
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:34:09 -07:00
474498c527
Bump vagrant libvirt with fix for plugin installs ( #7659 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-01 09:16:58 -07:00
42867c806b
Merge pull request #7649 from manuelbuil/flannel0220-1.25
...
[Release 1.25] Update flannel version
2023-05-31 11:41:19 +02:00
e7c148df3e
Update flannel version
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-05-31 08:44:33 +02:00
613a3bc8cb
Update to v1.25.10-k3s1 ( #7582 )
2023-05-18 10:24:33 -07:00
938c984de1
Merge pull request #7574 from manuelbuil/restartcluster125
...
[Release 1.25] Add '-all' flag to apply to inactive units
2023-05-18 15:46:12 +02:00
e3c3ecdf64
Add '-all' flag to apply to inactive units
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-05-17 18:53:49 +02:00
3ce8dd17c9
Merge pull request #7548 from manuelbuil/fixnetpollogs125
...
[Release 1.25] Wrap error stating that it is coming from netpol
2023-05-15 16:33:33 +02:00
0b14452817
Wrap error stating that it is coming from netpol
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-05-15 09:44:26 +02:00
a41015abe5
Bump containerd/runc to v1.7.1-k3s1/v1.1.7
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-11 14:53:37 -07:00
eff951b567
Bump helm-controller version for repo auth/ca support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-10 15:18:54 -07:00
a0891cab16
Consistently use constant-time comparison of password hashes
...
As per https://github.com/golang/go/issues/47001 even subtle.ConstantTimeCompare should never be used with variable-length inputs, as it will return 0 if the lengths do not match. Switch to consistently using constant-time comparisons of hashes for password checks to avoid any possible side-channel leaks that could be combined with other vectors to discover password lengths.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 239021e759
2023-05-10 15:18:54 -07:00
e0f01f1ca2
Bump kine to v0.10.1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit b32bf49541
2023-05-10 15:18:54 -07:00
caf88e5b37
Fix token startup test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit c98137ddca
2023-05-10 15:18:54 -07:00
e3a67ac40a
Fail to validate server tokens that use bootstrap id/secret format
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit cf9ebb3259
2023-05-10 15:18:54 -07:00
Derek Nola