Commit Graph

192 Commits (fae41a8b2af0250dcf79bd4c77dbca2bb7b1acbb)

Author SHA1 Message Date
Derek Nola fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA (#9340)
* Reorder copy order for caching
* Enable longer http timeout requests

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Setup reencrypt controller to run on all apiserver nodes
* Fix reencryption for disabling secrets encryption, reenable drone tests
2024-02-09 11:37:37 -08:00
Brad Davidson 6072476432 Add e2e test for embedded registry mirror
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Ian Cardoso df5e983fc8
add e2e startup test for rootless k3s (#8383)
* add test for rootless k3s

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>

* fix comments

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>

* Cleanup rootless e2e test, simplify logic

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2024-01-09 10:39:54 -08:00
ShylajaDevadiga 64dbbba996
update s3 e2e test (#9025)
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
Co-authored-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
2024-01-09 10:29:32 -08:00
Hussein Galal 9411196406
Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
* update flannel to v0.24.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove multiclustercidr flag

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-12-20 00:25:38 +02:00
Manuel Buil d34550fb2f Fix overlapping address range
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-12-08 17:17:23 +01:00
Brad Davidson 96ebb96317 Fix flakey dynamic-cert.json in cert rotation e2e test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-17 19:46:11 -08:00
Brad Davidson b8dc95539b Fix CloudDualStackNodeIPs feature-gate inconsistency
Enable the feature-gate for both kubelet and cloud-controller-manager. Enabling it on only one side breaks RKE2, where feature-gates are not shared due to running in different processes.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-17 10:40:12 -07:00
Roberto Bonafiglia 1ffb4603cd Use IPv6 in case is the first configured IP with dualstack
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-10-13 10:23:31 +02:00
Brad Davidson 7c5b69ca1d Fix etcd snapshot integration tests
Snapshot delete/prune tests were only working because the delete command
would report success even when deleting a snapshot that didn't exist,
and the test regex was finding the snapshot name multiple times in
the list output and deleting it twice.

Snapshot restore tests seem to have expected the deployment to be rolled out
immediately, which is not a reasonable expectation.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 5cd4f69bfa Move snapshot delete into local/s3 functions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 9bb1ce1253 Bump busybox to v1.36.1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:00:45 -07:00
Derek Nola dface01de8
Server Token Rotation (#8265)
* Consolidate NewCertCommands
* Add support for user defined new token
* Add E2E testlets

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Ensure agent token also changes

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-10-09 10:58:49 -07:00
Manuel Buil d4a487d83f Fix spellcheck problem (boostrap ==> bootstrap)
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-29 12:45:23 +02:00
Vitor Savian d349c9db6c
Added cluster reset from non bootstrap nodes on snapshot restore e2e test
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-09-26 08:48:25 -03:00
Vitor Savian d0ab4ef26b
Added advertise address integration test
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-09-26 08:47:25 -03:00
Derek Nola 42c2ac95e2 CLI + Backend for Secrets Encryption v3
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-25 14:17:00 -06:00
Derek Nola e45a674457 Add new encryption test
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-25 14:17:00 -06:00
Derek Nola ced330c66a
[v1.28] CLI Removal for v1.28.0 (#8203)
* Remove deprecated flannel ipsec

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove multipart backend

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix secrets-encryption integration test flakiness

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-24 22:09:13 -07:00
Derek Nola f8727f56d7
E2E test for token coverage (#8184)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-17 08:58:17 -07:00
Derek Nola 9702f92345
Fix for Kubeflag Integration test (#8154)
* Use argument that doesn't require file
* Use build-k3s workflow in cgroup
* Bump timeout on integration tests

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-07 14:04:04 -07:00
Ian Cardoso 53fc3eef0a
add --disable-cloud-controller and --disable-kube-proxy test (#8018)
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-08-04 14:27:09 -03:00
Ian Cardoso e551308db8
fix for etcd-snapshot delete with --etcd-s3 flag (#8110)
k3s etcd-snapshot save --etcd-s3 ... is creating a local snapshot and uploading it to s3 while k3s etcd-snapshot delete --etcd-s3 ... was deleting the snapshot only on s3 buckets, this commit change the behavior of delete to do it locally and on s3

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-08-04 14:26:32 -03:00
fmoral2 45bc26309f
Remove terraform test package (#8136)
Signed-off-by: Francisco <francisco.moral@suse.com>
2023-08-04 10:06:45 -03:00
Ikko Eltociear Ashimine 3515d712a7
Fix typo in terraform/README.md (#8090)
Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com>
2023-08-01 14:15:08 -04:00
Derek Nola a87b183f9c
E2E: Support GOCOVER for more tests + fixes (#8080)
* Add support for local build and go coverage to all E2E tests
* Remove unused EXTERNAL_DB from etcd tests
* Fix private reg test
* Add coverage to tailscale
* Cleanup unnecessary "sudo" in commands

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add additonal s3 coverage clause

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-01 09:32:34 -07:00
Derek Nola 3eb4e12c3b
Don't use zgrep in `check-config` if apparmor porfile is enforced (#7939)
* Don't use zgrep if apparmor is enforced for it

* Bump e2e se timeouts for reencryption time

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-12 08:49:05 -07:00
dependabot[bot] 782a3a1cb4
Bump google.golang.org/grpc from 1.51.0 to 1.53.0 in /tests/terraform (#7879)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.51.0 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.53.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 09:19:57 -07:00
Ian Cardoso 9e334153cf
add e2e s3 test (#7833)
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-07-05 17:35:44 -03:00
Ian Cardoso 324f9ad4da
fix e2e startup flaky test (#7839)
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-07-03 10:35:56 -07:00
Manuel Buil 55db9b18f0
Merge pull request #7745 from manuelbuil/removeVagrantConfig
Remove useless libvirt config
2023-06-12 18:15:28 +02:00
Manuel Buil a5874f855f Remove unused libvirt config
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 14:29:31 +02:00
Manuel Buil c6a6e8ef57 Fix spelling check
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 10:24:30 +02:00
Manuel Buil 268c9a7684
Merge pull request #7352 from manuelbuil/vpnintegrations-afterparental
Integrate tailscale into k3s
2023-06-09 19:02:46 +02:00
Derek Nola efa86a63e8
Remove unnecessary daemonset addition/deletion (#7696)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:51:41 -07:00
Ian Cardoso 7c151d468f
add private registry e2e test (#7653)
add private registry e2e test

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-06-09 10:51:21 -03:00
Manuel Buil 869e030bdd VPN PoC
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-09 12:39:33 +02:00
Derek Nola 8f9502233a E2E: Inject gocover ENV for k3s commands
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-08 09:39:48 -07:00
Derek Nola 4a68fbd8e9 E2E: Use sudo for all RunCmdOnNode
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-08 09:39:48 -07:00
Derek Nola b0188f5a13
Test Coverage Reports for E2E tests (#7526)
* Move coverage writer into agent and server
* Add coverage report to E2E PR tests
* Add codecov upload to drone

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-05 14:15:17 -07:00
Brad Davidson 7b61aacb56 Fix test file list
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-30 18:15:11 -07:00
Hussein Galal 9543470eb7
Add el9 selinux rpm (#7635)
* Add el9 to the install script

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add rocky-9 install test to test el9 selinux

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add rocky-9 install test to test el9 selinux to workflow

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Use el8 for fedora 37

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add a warning to reboot in coreos systems

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove k3s-selinux module in case of upgrade in el9

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Check for available container-selinux and k3s-selinux

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* extend selinux upgrade to sle distros

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* create /var/lib/rpm-state in sle systems

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* nit fix

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* extend selinux upgrade to sle distros

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-05-31 01:51:23 +03:00
Hussein Galal 213d7ad499
Revert "Add el9 selinux rpm (#7443)" (#7608)
This reverts commit d55ec08675.

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-05-25 16:41:05 +03:00
Hussein Galal d55ec08675
Add el9 selinux rpm (#7443)
* Add el9 to the install script

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add rocky-9 install test to test el9 selinux

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add rocky-9 install test to test el9 selinux to workflow

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Use el8 for fedora 37

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add a warning to reboot in coreos systems

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove k3s-selinux module in case of upgrade in el9

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Check for available container-selinux and k3s-selinux

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* extend selinux upgrade to sle distros

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* create /var/lib/rpm-state in sle systems

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* nit fix

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-05-25 02:52:07 +03:00
Manuel Buil 290f67c939 Add '-all' flag to apply to inactive units
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-05-17 12:24:23 +02:00
Esteban Esquivel Alvarado 9bcfac8b88
Add Rotation certification Check (#7097)
* Add Certification Test to Validate Cluster

Signed-off-by: est-suse <esteban.esquivel@suse.com>

* Fix to stop/start for k3s certificate rotation

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: est-suse <esteban.esquivel@suse.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: est-suse <esteban.esquivel@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-05-12 10:36:41 -07:00
Derek Nola c6dc789e25
Add support for `-cover` + integration test code coverage (#7415)
* Add support for -cover in k3s server
* Update codecov reporting
* Sigterm in StopK3sServer
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-05-08 12:46:51 -07:00
Ian Cardoso 3982213f06
add kube-* server flags integration tests (#7416)
This commit adds SearchK3sLog function to find specific strings in integration tests log file and also removes FindStringInCmdAsync function since it was not being used.

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-05-08 05:25:47 -03:00
Brad Davidson c98137ddca Fix token startup test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-05 15:52:12 -07:00
Brad Davidson cf9ebb3259 Fail to validate server tokens that use bootstrap id/secret format
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-05 12:24:35 -07:00