Commit Graph

106 Commits (fae41a8b2af0250dcf79bd4c77dbca2bb7b1acbb)

Author SHA1 Message Date
Derek Nola fa11850563
Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA (#9340)
* Reorder copy order for caching
* Enable longer http timeout requests

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Setup reencrypt controller to run on all apiserver nodes
* Fix reencryption for disabling secrets encryption, reenable drone tests
2024-02-09 11:37:37 -08:00
Brad Davidson 6072476432 Add e2e test for embedded registry mirror
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-01-09 15:23:05 -08:00
Ian Cardoso df5e983fc8
add e2e startup test for rootless k3s (#8383)
* add test for rootless k3s

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>

* fix comments

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>

* Cleanup rootless e2e test, simplify logic

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2024-01-09 10:39:54 -08:00
ShylajaDevadiga 64dbbba996
update s3 e2e test (#9025)
Signed-off-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
Co-authored-by: ShylajaDevadiga <shylaja.devadiga@suse.com>
2024-01-09 10:29:32 -08:00
Hussein Galal 9411196406
Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
* update flannel to v0.24.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove multiclustercidr flag

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-12-20 00:25:38 +02:00
Manuel Buil d34550fb2f Fix overlapping address range
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-12-08 17:17:23 +01:00
Brad Davidson 96ebb96317 Fix flakey dynamic-cert.json in cert rotation e2e test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-17 19:46:11 -08:00
Roberto Bonafiglia 1ffb4603cd Use IPv6 in case is the first configured IP with dualstack
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-10-13 10:23:31 +02:00
Brad Davidson 9bb1ce1253 Bump busybox to v1.36.1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:00:45 -07:00
Derek Nola dface01de8
Server Token Rotation (#8265)
* Consolidate NewCertCommands
* Add support for user defined new token
* Add E2E testlets

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Ensure agent token also changes

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-10-09 10:58:49 -07:00
Manuel Buil d4a487d83f Fix spellcheck problem (boostrap ==> bootstrap)
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-29 12:45:23 +02:00
Vitor Savian d349c9db6c
Added cluster reset from non bootstrap nodes on snapshot restore e2e test
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-09-26 08:48:25 -03:00
Derek Nola 42c2ac95e2 CLI + Backend for Secrets Encryption v3
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-25 14:17:00 -06:00
Derek Nola e45a674457 Add new encryption test
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-25 14:17:00 -06:00
Derek Nola f8727f56d7
E2E test for token coverage (#8184)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-17 08:58:17 -07:00
Ian Cardoso e551308db8
fix for etcd-snapshot delete with --etcd-s3 flag (#8110)
k3s etcd-snapshot save --etcd-s3 ... is creating a local snapshot and uploading it to s3 while k3s etcd-snapshot delete --etcd-s3 ... was deleting the snapshot only on s3 buckets, this commit change the behavior of delete to do it locally and on s3

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-08-04 14:26:32 -03:00
Derek Nola a87b183f9c
E2E: Support GOCOVER for more tests + fixes (#8080)
* Add support for local build and go coverage to all E2E tests
* Remove unused EXTERNAL_DB from etcd tests
* Fix private reg test
* Add coverage to tailscale
* Cleanup unnecessary "sudo" in commands

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add additonal s3 coverage clause

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-01 09:32:34 -07:00
Derek Nola 3eb4e12c3b
Don't use zgrep in `check-config` if apparmor porfile is enforced (#7939)
* Don't use zgrep if apparmor is enforced for it

* Bump e2e se timeouts for reencryption time

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-12 08:49:05 -07:00
Ian Cardoso 9e334153cf
add e2e s3 test (#7833)
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-07-05 17:35:44 -03:00
Ian Cardoso 324f9ad4da
fix e2e startup flaky test (#7839)
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
2023-07-03 10:35:56 -07:00
Manuel Buil 55db9b18f0
Merge pull request #7745 from manuelbuil/removeVagrantConfig
Remove useless libvirt config
2023-06-12 18:15:28 +02:00
Manuel Buil a5874f855f Remove unused libvirt config
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 14:29:31 +02:00
Manuel Buil c6a6e8ef57 Fix spelling check
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-12 10:24:30 +02:00
Manuel Buil 268c9a7684
Merge pull request #7352 from manuelbuil/vpnintegrations-afterparental
Integrate tailscale into k3s
2023-06-09 19:02:46 +02:00
Derek Nola efa86a63e8
Remove unnecessary daemonset addition/deletion (#7696)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-09 09:51:41 -07:00
Ian Cardoso 7c151d468f
add private registry e2e test (#7653)
add private registry e2e test

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-06-09 10:51:21 -03:00
Manuel Buil 869e030bdd VPN PoC
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-09 12:39:33 +02:00
Derek Nola 8f9502233a E2E: Inject gocover ENV for k3s commands
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-08 09:39:48 -07:00
Derek Nola 4a68fbd8e9 E2E: Use sudo for all RunCmdOnNode
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-08 09:39:48 -07:00
Derek Nola b0188f5a13
Test Coverage Reports for E2E tests (#7526)
* Move coverage writer into agent and server
* Add coverage report to E2E PR tests
* Add codecov upload to drone

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-06-05 14:15:17 -07:00
Brad Davidson 7b61aacb56 Fix test file list
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-30 18:15:11 -07:00
Manuel Buil 290f67c939 Add '-all' flag to apply to inactive units
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-05-17 12:24:23 +02:00
Esteban Esquivel Alvarado 9bcfac8b88
Add Rotation certification Check (#7097)
* Add Certification Test to Validate Cluster

Signed-off-by: est-suse <esteban.esquivel@suse.com>

* Fix to stop/start for k3s certificate rotation

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: est-suse <esteban.esquivel@suse.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: est-suse <esteban.esquivel@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-05-12 10:36:41 -07:00
Brad Davidson c98137ddca Fix token startup test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-05 15:52:12 -07:00
Brad Davidson cf9ebb3259 Fail to validate server tokens that use bootstrap id/secret format
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-05 12:24:35 -07:00
Derek Nola 7175ebe2be
E2E: Startup test cleanup + RunCommand Enhancement (#7388)
* Add beforesuite to startup
* Reduce timeouts for startup
* Fix cleanup + set kubeconfig

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-05-05 11:00:47 -07:00
Brad Davidson 1ca035accc Add e2e test for --disable-agent
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-28 11:24:34 -07:00
Derek Nola f2bde63eea
Kubernetes v1.27.1 (#7271)
* Bump go version to 1.20.3 to match upstream
* Bump cri-dockerd
* Bump golanci-lint
* go generate
* Bump selinux in cgroup test
* Bump to v1.27.1 tags
* Release documentation improvements
* Only run upgrade e2e test on PR

Signed-off-by: Derek Nola <derek.nola@suse.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2023-04-18 21:48:36 -07:00
Derek Nola d2e04b826a
Don't apply hardened args to agent (#7089)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-04-04 09:35:28 -07:00
ShylajaDevadiga 8ec7d5e6b0
fix_get_sha_url (#7187)
Signed-off-by: ShylajaDevadiga <shylaja@rancher.com>
2023-03-31 13:26:29 -07:00
Derek Nola 9980504196
Fix to Rotate CA e2e test (#7101)
* Include note on service keys

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix rotate cert ca test

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove periods

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add new test to nightly script

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-16 17:56:17 -07:00
Esteban Esquivel Alvarado 85b261096c
Add automation for Restart command for K3s (#7002)
Signed-off-by: est-suse <esteban.esquivel@suse.com>
2023-03-14 15:47:18 -07:00
Roberto Bonafiglia 7d2f997b3e Added multiClusterCIDR E2E test
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-14 18:30:52 +01:00
Roberto Bonafiglia 262cd7de0a Added IPv6 check and agent restart on e2e test utils
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-03-14 18:30:52 +01:00
Derek Nola 522ad1e697
Add E2E to Drone (#6890)
* Initial drone vagrant pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Build e2e test image

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add docker registry to E2E pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Bump libvirt image

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add ci flag to secretsencryption

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix vagrant log on secretsencryption

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove DB parallel tests

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Reduce sonobuoy tests even further

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add local build

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add cron conformance pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add string output for nodes

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Switch snapshot restore for upgrade cluster

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix cp

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-03-10 19:53:41 -08:00
Derek Nola 9efa0797b7
Don't default to local K3s for startup test (#6950)
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-02-13 15:00:57 -08:00
Brad Davidson be7f751863 Add e2e tests for CA cert rotation
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-02-06 15:09:31 -08:00
Derek Nola 7cad3db251
E2E: Consoldiate docker and prefer bundled tests into new startup test (#6851)
* Convert docker E2E to startup E2E
* Move preferedbundled into the e2e startup test

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-02-06 10:39:46 -08:00
Derek Nola 86e36225f5
Consolidate E2E tests and GH Actions (#6772)
* Consolidate cluster reset and snapshot E2E tests
* Add more context to secrets-encryption test
* Reuse build workflow
* Convert updatecli to job level permissions
* Remove dweomer microos from E2E and install testing

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-27 09:01:13 -08:00
Derek Nola 75f77ab951
E2E Rancher and Hardened script improvements (#6778)
* Improve test-pad rancher script

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Improve hardened script and added kube-bench utility script

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Apply same audits for 1.22 and older

Signed-off-by: Derek Nola <derek.nola@suse.com>

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-26 18:17:33 -08:00